Endpoint Detection and Response (EDR) is an emerging protection technology. It defines a category of tools and solutions that focus on detecting and investigating suspicious activities and issues on hosts and endpoints. Advanced Persistent Threats and designer malware toolkits are intentionally bypassing traditional signature-based antivirus solutions. Adding EDR capabilities strengthens Symantec's threat protection stack on the endpoint, by offering greater visibility into endpoint data and mitigating and disrupting advanced threats. This technology is leveraged by pairing Symantec Advanced Threat Protection (ATP) product with the Symantec Endpoint Protection 14 RU1 client or newer. Symantec will update the EDR engine as needed via LiveUpdate.
Here is the list of the binaries that will be updated during EDR engine updates via LiveUpdate: