Educause Security Discussion mailing list archives
Re: Microsoft Defender ATP
From: Dexter Caldwell <dexter.caldwell () FURMAN EDU>
Date: Thu, 12 Mar 2020 18:39:36 +0000
Considering the same, however Defender was quite underwhelming by itself. With ATP Gartner has showed a huge turnaround in Microsoft's position in the quadrant in the last year or two. We're still digging into why that is. Is their AI really that much better in terms of detection and response? Is it just the way Gartner's formulas work for ranking? We have a multilayered approach we're evaluating currently, but I'm as interested in the answer to these questions as anyone. -----Original Message----- From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of King, Ronald A. Sent: Thursday, March 12, 2020 2:28 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Microsoft Defender ATP We are migrating f/staff to O365 later this year. We will also be setting up InTune. After, we will start to look at the potential for ATP to replace our AV. Ronald King Director of Technical Services and OIT Security Office of Information Technology (757) 823-2916 (Office) raking () nsu edu www.nsu.edu @NSUCISO (Twitter) -----Original Message----- From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Brian Epstein Sent: Thursday, March 12, 2020 1:26 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Microsoft Defender ATP We are also moving in this direction. It seems like Defender has caught up and will reduce our spend. Thanks, ep -- Brian Epstein <bepstein () ias edu> +1 609-734-8179 Manager, Network and Security Institute for Advanced Study Key fingerprint = A6F3 9F5A 26C5 5847 79ED C34C C0E5 244A 55CA 2B78 ----- Original Message ----- From: "Watkins, Jameson" <jmwatkins () PNWU EDU> To: "The EDUCAUSE Security Community Group Listserv" <SECURITY () LISTSERV EDUCAUSE EDU> Sent: Thursday, March 12, 2020 11:26:24 AM Subject: [SECURITY] Microsoft Defender ATP Hi all, Our Sophos anti-virus licenses are up for renewal this summer and we're reviewing the landscape. We've landed on looking at MS Defender ATP. It's ranked highly in the Gartner magic quadrant and reviews we've seen are favorable. The cost for us to move to the security option of the A5 license tier, when combined with everything else offered, makes it a hard deal to pass up. But I've not seen a peep out of customers using it, especially in higher ed. Is anyone using it? What are we missing? We also haven't seen details on how it handles ransomware. Sophos has a crypto guard that stops files from encrypting which has saved us at least once. Anyone have more info on how Defender handles it? Finally and more broadly, does anyone have advice on how you actually test endpoint detection without using live viruses? Thanks. Jameson Watkins Chief Information Officer Pacific Northwest University of Health Sciences 509.249.7719 www.pnwu.edu<http://www.pnwu.edu/> ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Current thread:
- Microsoft Defender ATP Watkins, Jameson (Mar 13)
- Re: Microsoft Defender ATP Menne, Michael S (Mar 13)
- Re: Microsoft Defender ATP Foss, Henry L. (Mar 13)
- Re: Microsoft Defender ATP Mercy Lopez (Mar 13)
- Re: Microsoft Defender ATP Brian Epstein (Mar 13)
- Re: Microsoft Defender ATP King, Ronald A. (Mar 13)
- Re: Microsoft Defender ATP Dexter Caldwell (Mar 13)
- Re: Microsoft Defender ATP Kimmitt, Jonathan (Mar 13)
- Re: Microsoft Defender ATP John Ramsey (Mar 13)
- Re: Microsoft Defender ATP King, Ronald A. (Mar 13)