Educause Security Discussion mailing list archives

Re: Microsoft Defender ATP


From: Mercy Lopez <0000013bb1b55b08-dmarc-request () LISTSERV EDUCAUSE EDU>
Date: Thu, 12 Mar 2020 17:56:32 +0000

I have worked with Windows Defender ATP and it is great!!

On Thursday, March 12, 2020, 12:46:00 PM EDT, Foss, Henry L. <fossh () sacredheart edu> wrote:

Sacred Heart is considering doing the same thing, except moving away from Symantec - now owned by Broadcom. But we like 
an application whitelisting agent, so we are also considering Carbon Black + Defender.  So we’d have the AV piece in 
addition to application whitelisting.

Just putting a bit of a segue on the original topic, but I’m curious which strategy others are considering if moving
away from an AV vendor they have been using for some time.

Thank you

Hank Foss
Manager of Security Infrastructure CISSP, MSCS, GPEN
Sacred Heart University
Main Campus HC112
Office: (203) 396-8279
Mobile: (203) 295-1356

From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Watkins, Jameson
Sent: Thursday, March 12, 2020 11:26 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Microsoft Defender ATP

Hi all,

Our Sophos anti-virus licenses are up for renewal this summer and we’re reviewing the landscape. We’ve landed on 
looking at MS Defender ATP. It’s ranked highly in the Gartner magic quadrant and reviews we’ve seen are favorable. The 
cost for us to move to the security option of the A5 license tier, when combined with everything else offered, makes it 
a hard deal to pass up.

But I’ve not seen a peep out of customers using it, especially in higher ed. Is anyone using it? What are we missing?

We also haven’t seen details on how it handles ransomware. Sophos has a crypto guard that stops files from encrypting 
which has saved us at least once. Anyone have more info on how Defender handles it?

Finally and more broadly, does anyone have advice on how you actually test endpoint detection without using live 
viruses?

Thanks.

Jameson Watkins
Chief Information Officer
Pacific Northwest University of Health Sciences
509.249.7719
www.pnwu.edu

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community
