Antivirus tools, including software and hardware solutions, are becoming increasingly effective at preventing malware from infecting individual computers as well as enterprise computing topologies. However, such antivirus tools are not foolproof, which leaves such computers and enterprise computing topologies susceptible to malicious activity. To counter such malicious activity, endpoint detection and response (EDR) systems have been employed to identify suspicious activities and to contain and remediate identified threats, reducing the likelihood of sensitive data loss.