No, but yes.
CrowdStrike was one of the first companies doing EDR, and have a first-mover advantage they have held onto. Lots of other companies offer good solutions now, but CrowdStrike is still considered the gold standard, and they have worked hard to become the “default” for their market segment.
Also, thanks to eBPF, it’s now very easy to implement EDR without a full-blown rootkit in Linux, and anyone on the bleeding edge is moving away from this kind of solution.