Which of the following best describes the primary function of Endpoint Detection and Response (EDR) tools in cybersecurity?