I'm conflicted. Like most software in the enterprise security realm, it promises to be a tad too all-singing all-dancing. It's often pricey. It might find a crypto miner, but is that really important to mitigate within milliseconds? Would it find a targeted crafted Trojan backdoor? Wouldn't the malicious actor test their payloads on commercial EDR products prior to the attack anyway? And there is a privacy concern that the employer has root access on your devices. And that it hogs your CPU at all times. You need to deal with a lot of false positives that block progress for both your engineers and your security analysts. And all BYOD is still fully unprotected, as well as other endpoints you might have (Cloud APIs, supply chain integrations, third-party network devices).
Depending on your threat modeling, I wonder if you can mitigate most of your risk with other factors. Better monitoring on the next layer in your infrastructure, stronger authentication mechanisms, least privilege, zero trust thinking, honeypots?
I'd like to be wrong, but if anyone has seen this work and/or not work, I'd like to hear your thoughts.
Keep in mind that you will need to implement monitoring based on data produced by EDR and corresponding incident handling. This is more difficult than paying for software and deploying it to your assets.