EDR (Endpoint Detection and Response) products attempt to detect misbehavior that slightly  deviates from the baseline, by continuously analyzing the memory for inter-process interactions. While a few so-called EDRs are still strongly based