Microsoft Defender ATP

["Watkins, Jameson" <jmwatkins () PNWU EDU>]

Hi all,

Our Sophos anti-virus licenses are up for renewal this summer and we're reviewing the landscape. We've landed on 
looking at MS Defender ATP. It's ranked highly in the Gartner magic quadrant and reviews we've seen are favorable. The 
cost for us to move to the security option of the A5 license tier, when combined with everything else offered, makes it 
a hard deal to pass up.

But I've not seen a peep out of customers using it, especially in higher ed. Is anyone using it? What are we missing?

We also haven't seen details on how it handles ransomware. Sophos has a crypto guard that stops files from encrypting 
which has saved us at least once. Anyone have more info on how Defender handles it?

Finally and more broadly, does anyone have advice on how you actually test endpoint detection without using live 
viruses?

Thanks.


Jameson Watkins
Chief Information Officer
Pacific Northwest University of Health Sciences
509.249.7719
www.pnwu.edu<http://www.pnwu.edu/>



**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community