On a CSIS webinar broadcast in May 2026, Jan Kaastrup — CIO at CSIS Security Group — detailed two ways that attackers are seeking to overcome and disable Endpoint Detection and Response (EDR) systems. One technique targets web browsers, using malicious extensions to steal information. The other leverages vulnerable drivers to neutralise EDR tools entirely.
In this video, Jan explains how organisations can defend against these threats.
Duration: 6 minutes
Audience: CISOs and heads of information security; SOC managers and security operations leaders; IT and security architects; endpoint, infrastructure and technology owners responsible for security outcomes.
Date: May 2026
Disallow synchronisation of browser extensions
Maintain a whitelist of extensions that you trust
Block vulnerable drivers through enforced policies
Establish a proper incident response process
Run regular 'health checks' on your EDR devices
Use 'purple team' testing to simulate attacks
Integrate threat intelligence into your EDR solutions
CSIS Security Group A/S is a leading European pure-play provider of tech-enabled cybersecurity and intelligence services. Operating 24/7, we deliver Managed Detection & Response, Incident Response, Security Consulting across all sectors, and provide a world-class threat intelligence capability through our SecAlliance brand. Accredited by organisations including CREST, we actively support global security initiatives to positively impact the cyber community.