A security solution that performs three general functions: detection and prevention of malicious network activity, investigation and forensic examination to determine root causes, and response and mitigation. Compare endpoint detection and response (EDR).