You can deploy and use Open EDR in the following ways:
What is EDR and available today (as of 28th September 2020)
1- Full Comodo Dragon Enterprise platform (with pre-compiled OpenEDR with full management capability and portal; no fee for 3 months, until you can set up your own ELK stack): Dragon Enterprise | Endpoint Protection Platform (EPP) (you can create an account with this link)
Coming soon… (hoping to have these within weeks)
**GitHub - ComodoSecurity/openedr: Open EDR public repository, it's now LIVE (9th Nov 2021!)**
1- You can download the source code from GitHub (coming soon), compile it, then create your own ELK.
2- Use the compiled OpenEDR package integrated into Comodo Dragon Enterprise platform (free to use) along with your own ELK.
3- Use the compiled OpenEDR package integrated into Comodo Dragon Enterprise platform with Comodo’s data lake (free up to 7 day storage) (for any Comodo endpoint security customers)
4- Comodo to provide managed ELK Stack integrated with OpenEDR (you can use the Comodo Dragon Enterprise Platform to manage all the endpoints, for free)
Happy to hear any other ideas about other deployment scenarios please.
Did you evaluate with other SIEMs?!
For example, collect logs from the EDR and send via syslog or JSON?
Because I can have another SIEM like QRadar/ArcSight or Splunk in my lab environment…
Hi Jolly,
We will use Filebeat/Logstash for sending the logs, and for the open-source version the collected logs will be stored locally as well. So here are some examples of what you can configure:
You can configure the Beats HTTP output plugin to send to Splunk or QRadar; both support HTTP event collection.
You can configure syslog-ng to send the logs to whatever destination you want.
Yes, for now it will support only Windows; we will adapt it for Linux as well.
Tomorrow we are releasing the binaries; I will update with instructions as well.
For now we are doing it manually. (Automation coming soon.)
Please send an email to quick-start@openedr.com, and our guys will provide all the licensing you need to run for more than 50 devices.
OK I have done the following:
Registered an account with Dragon
Downloaded the agent only & installed
Installed OpenEDR 2.0 on the computer.
Rebooted and now I can see the desktop in Dragon and it says EDR is installed.
Hi @melih, I have tried to build the OpenEDR source code but am facing problems.
I have already posted the problems in the "Problems Issues and Resolutions" tab but am not getting a response.
Could you please look into that tab?
Hi Guys
We just released a whole new version on the Xcitium Platform (formerly known as Comodo)…
Looking for feedback on how EDR feels/deploys on this Xcitium Platform please. (We hope the deployment is much easier than deploying your own ELK etc…) But we do need your feedback please!