Performance impact when using EDR


I decided to replace another EDR with OpenEDR/xcitium on a couple Windows 2016-2022 Servers running SQL/ASP workload. I noticed an immediate impact to performance, page load times are 20-30x. I ended up creating some configuration profiles and consecutively disabling various protections but ever with everything disabled and just the agent running the impact is significant. Are there any other changes available to address this?


Hi @tommak

Apologise for the inconveniences caused.
I will check with the team and get back to you with best solution.
Thank you for your understanding.

Hi @tommak , could you please share EDR agent version number?

Hi, I think we have the same issue form time to time, since we updated to v2.6 clients have been complaining their machines are slower than normal. We are removing some of them and installing v2.5 and seems to be okay for now. But i do see the new hotfix wil fix the performance issues

Hi @QuickSilverST / @tommak ,

Regret the inconveniences you are facing.

Our technical team requires logs to investigate further about the issue.
Request you to download and run the CisReportTool in order to collect the XCC and the XCS logs:

The tool collects both XCC & XCS logs and attempts to upload them to our SFTP (Device name is included in the name of the output).

1.1. Download RAMMap tool by the link - RAMMap - Sysinternals | Microsoft Learn.
1.2. Unzip archive.
1.3. Run unzipped file RAMMap.exe, select ‘File’ in the menu → Save.

2.1. Download vmmap tool by the link - VMMap - Sysinternals | Microsoft Learn.
2.2. Unzip archive.
2.3. Run unzipped file vmmap.exe, select cmdagent.exe and click OK.

2.4. Select ‘File’ in the menu → Save → cmdagent.

Once you have collected the logs request you to share the same with us to escalate it to the corresponding team.

Thank you!

hi @tommak & @QuickSilverST

could you please share the logs so that we can forward it to respective team for further investigation and resolve the same,