Trying to get my way into the cyber security world. I have my bachelors in Digital Forensics and will be pursuing my masters in cyber security later this year.
I’m prepping to take my CASP exam next week.
I know there are different types of HIPS that can use heuristics/anomalies and ones that can detect signatures. Just wondering if EDR can detect signatures as well, or if they’re strictly machine learning/AI and reporting. Basically, what is the main difference between these two solutions? A lot of practice questions I have come across give these options, and given that they are fairly similar security tools, I would just like to know a little more in-detail about whether to use one over the other in certain scenarios.
Any input is appreciated!