Endpoint Detection & Response (EDR) is frequently used by organizations as the first line of defense against cyber attacks. EDR platforms monitor organizations’ endpoints (servers, employee laptops, etc) and detect and contain malicious activity running where possible. In this blog, we will be exploring a ransomware attack in a lab environment, using payloads inspired from real attacks.