Introduction
Tools that record and store behaviours of endpoint devices such as laptops, mobile phones, workstations, and virtualised desktops, and endpoint users, and use data analytics techniques to detect suspicious system behavior, provide contextual information, block malicious activity, and provide remediation suggestions to restore affected systems.