Please use this identifier to cite or link to this item:
Title: Soluciones Endpoint Detection and Response Open-Source. Estado del arte, propuesta de medición, análisis y evaluación para determinar su implementación y aplicabilidad en ambientes empresariales
Author: Bello Vieda, Jaime Andrés
Director: García Font, Víctor
Tutor: Mendoza Flores, Manuel Jesús
Keywords: EDR
Issue Date: 31-Dec-2019
Publisher: Universitat Oberta de Catalunya (UOC)
Abstract: The year-by-year trend of cyberthreats has been impacted large companies with considerable money loss, and this have raised the development of new solutions as part of the game with an indispensable role in detecting, mitigating and eradicating incidents as part of a robust and strategic posture on cyber defense; we're talking about Endpoint Detection and Response (EDR). Gartner, a recognized strategic advisory entity, argues an EDR is a security solution which records and stores the behavior of an Endpoint (such as a workstation or servers), using various data analysis techniques to detect suspicious behavior, provide contextual information, block malicious activities and provide remediation suggestions for affected systems. The work presents the current state of those systems that can be similar to an EDR type solution in the open-source field, and the practical implementation of a spectrum of these ones through a Proof of Concept (PoC), to observe the operation and capabilities against a victim system infected with a recent Emotet malware. A measurement scale and an evaluation of the capabilities of these EDRs are proposed in relation to the characteristics of an EDR mentioned by Gartner, in order to provide a conclusion of the maturity status of these free solutions as part of possible implementations in the company, provides a framework to get these systems measured and evaluated, in addition to the research opportunities that may create through the development of this research.
Language: Spanish
Appears in Collections:Bachelor thesis, research projects, etc.

Files in This Item:
File Description SizeFormat 
jbellovTFG1219memoria.pdfMemoria del TFG1.59 MBAdobe PDFView/Open

This item is licensed under a Creative Commons License Creative Commons