Windows EDR Telemetry

Explore detailed telemetry capabilities and comparisons for Windows-based EDR solutions.

Legend
Yes Implemented
No Not Implemented
⚠️
Partially Partially Implemented (hover-over for explanation)
Pending Pending Response
🪵
Via EventLogs Collected from Windows Event Logs if enabled at the system level; not independently collected by the EDR via ETW.
🎚️
Via EnablingTelemetry Additional telemetry collection capability that can be enabled as part of the EDR product but is not ON by default.
Enable Hover Highlight