Endpoints can include devices such as computers, laptops, servers, and mobile devices. EDR focuses on monitoring and analysing endpoint activities in real time to identify suspicious behaviour and potential security incidents.

Key features of Endpoint Detection and Response include:

  1. Continuous Monitoring: EDR solutions continuously monitor endpoint activities, collecting data on processes, file changes, network connections, and user behaviour.

  2. Behavioural Analysis: EDR tools use behavioural analysis and anomaly detection to identify patterns of behaviour that deviate from the normal baseline. This helps in detecting potential threats that may go unnoticed by traditional signature-based antivirus solutions.

  3. Threat Intelligence Integration: EDR solutions often integrate with threat intelligence feeds to stay updated on the latest known malware, attack techniques, and malicious activities. This integration helps in identifying and responding to known threats more effectively.

  4. Incident Response: When a potential threat is detected, EDR provides tools and capabilities for incident response. This may include isolating compromised endpoints, blocking malicious processes, and collecting forensic data for further analysis.

  5. Forensic Analysis: EDR tools assist in forensic analysis by providing detailed information about security incidents, allowing cybersecurity professionals to investigate the root cause, the extent of the compromise, and the methods used by attackers.

  6. Reporting and Visualisation: EDR solutions typically offer reporting and visualisation features, enabling security teams to analyse and understand the security posture of their endpoints. This can include dashboards, alerts, and reports that provide insights into ongoing threats and vulnerabilities.

  7. Integration with Security Ecosystem: EDR solutions often integrate with other security tools and platforms, such as Security Information and Event Management (SIEM) systems, to provide a more comprehensive and coordinated defence against cyber threats.


By focusing on the endpoints where cyber threats often originate or manifest, EDR complements traditional security measures and helps organisations detect and respond to sophisticated attacks more effectively.

What does Blue Sky Systems offer for EDR?

Blue Sky Systems have teamed up with ESET to offer anti-virus, deeper endpoint firewalling, host-based intrusion detection and EDR.

We can offer this for a monthly fee instead of an annual one to help with cash flow, along with installation support and a 24/7 Security Operations Centre (SOC). The charging model is per endpoint or Operating System (OS) that you wish to protect, and depends on whether you want an external SOC or wish to keep it in-house.

The system can kill processes and isolate machines, among other automatic remediation options, for certain high-priority detections. Automated responses are generally not desired for detections deemed lower priority, as this could affect Business-As-Usual (BAU) work. In those situations, either the SOC can review them, or you can be emailed to review them yourself.

We can tailor the solution and our SOC services to provide a combination of automatic and manual responses, along with notifications to customers if they would like to receive these, giving you total control.

Get in touch to find out how we can help you with an EDR solution on 0330 0101 550.