We have compiled the following recommendations to onboard the EDR along with Malware Protection on Windows systems:
Things to monitor:
CPU utilization
Memory utilization
High I/O
Network bandwidth
Number of EDR events captured (Hunting tab of EDR UI).
Endpoint performance with other antivirus software, Qualys products, and other software (such as coexistence, slowness, and system crashes must be monitored closely)
Was this topic helpful?