Endpoint Detection and Response

Overview

The Information Security Office offers endpoint detection and response (EDR) for university-owned computers and servers using a threat detection and identification tool to address sophisticated or advanced persistent threat attacks with features beyond traditional malware protection capabilities. 

Privacy Statement

Berkeley prioritizes privacy and data protection for individuals with Endpoint Detection and Response (EDR) software installed on university-owned computers and servers. Campus EDR is not intended for installation on personally owned devices.

The Campus Privacy Office(link is external) and the Information Risk Governance Committee (IRGC) are currently reviewing our EDR program. The IRGC provides the campus framework for institutional governance of information risk under campus and systemwide privacy policies, including the Electronic Communications Policy

Features of EDR

Trellix Endpoint Security software (formerly FireEye HX) is available for University endpoint devices, including servers, workstations, and laptops.

EDR is currently being rolled out to all campus machines via BigFix. Find additional details in our project details.

How to Get Started

  • Managed university-owned machines: Starting July 2, 2024, EDR will be incrementally distributed to campus-managed machines using BigFix.

  • Self-managed, university-owned machines: Visit Berkeley Security Software for instructions and installers.

  • All university-owned servers: Visit our EDR Service Catalog(link is external) page for instructions and installers.

Service Details and Additional Information

See our IT Catalog EDR Service page for more information(link is external), including

  • How data are collected and analyzed by EDR and the Information Security Office.
  • How UC Berkeley protects privacy.

FAQs