Educause Security Discussion mailing list archives
Re: Endpoint protection vendors
From: Stacy Lee <sbl () STANFORD EDU>
Date: Sat, 21 Nov 2020 14:14:51 +0000
+1 For CrowdStrike. We are rolling this out to our community currently. Here is our service page for the curious: https://antimalware.stanford.edu For those of you who were using Microsoft SCEP for MAC which was retired at the end of 2018 and then migrated to the Free ESET carry over, we were informed the license would expire on 12/05/2020 and after 13 days it would cease to function. We already had plans the move to an EDR solution but this accelerated our deployment. We evaluated several products in the EDR space. Crowdstrike and S1 were our top two choices. CrowdStrike with falcon overwatch fit our needs best. Integrations with Splunk and Proofpoint were quick painless. Customer support has also been very good. We liked the more detailed telemetry off CS that can be helpful for post investigation incidents. If you would like to discuss more on our evaluations we would be happy to jump on a zoom call with you to talk about our experiences. @JasonAdams. Stacy Lee ISO | Security Operations Stanford University ________________________________ From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of Scott Stoops <sstoops () ASHLAND EDU> Sent: Friday, November 20, 2020 10:14 AM To: SECURITY () LISTSERV EDUCAUSE EDU <SECURITY () LISTSERV EDUCAUSE EDU> Subject: Re: [SECURITY] Endpoint protection vendors We've used Crowdstrike for several years and are very happy with it. -------------------------------------------------------------------------------------------------- Scott Stoops, CISSP Security Analyst Engineer III Office of Information Technology | 100 Patterson Technology Center Ashland, OH 44805 (w) 419-289-5405 sstoops () ashland edu<mailto:sstoops () ashland edu> On Fri, Nov 20, 2020 at 1:05 PM Kyrouz, Bill J. <Bill.Kyrouz () jenzabar com<mailto:Bill.Kyrouz () jenzabar com>> wrote: I have experience with Crowdstrike (Enterprise) and Defender ATP. Crowdstrike is an excellent solution, and I recommend considering Defender ATP if you have Microsoft Premier support (for better technical support and eligibility for add-on services). From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>> On Behalf Of Adams, Jason Sent: Friday, November 13, 2020 5:43 PM To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU> Subject: [SECURITY] Endpoint protection vendors CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe. Hello, We are looking into replacing our traditional anti-virus (Avast) with “next-gen” EDR/EPP products. We are doing POC’s with Crowdstrike and SentinelOne (their enterprise-type package) but also looking at Cyberreason and possibly Sophos. Does anyone have experience with any of these and recommend one over the other? Is there another product we should consider? Thanks in advance! ------------------ Jason Adams Senior Director of Information Technology Denver Seminary 6399 South Santa Fe Drive Littleton, CO 80120 303-762-6936 www.denverseminary.edu<http://www.denverseminary.edu/> Technology Questions? call: 303-762-6983 (x2020) or click here to email<mailto:helpdesk () denverseminary edu?subject=%20&body=Provide%20detail%20on%20how%20we%20can%20help%20you:> | IT Tips and News<https://denverseminary.sharepoint.com/sites/IT> We are hiring! Visit: https://denverseminary.edu/about/employment/ ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Current thread:
- Endpoint protection vendors Adams, Jason (Nov 13)
- Re: Endpoint protection vendors Blake Ketcham (Nov 13)
- Re: Endpoint protection vendors Jason Edelstein (Nov 13)
- Re: Endpoint protection vendors Steven Alexander (Nov 16)
- Re: Endpoint protection vendors Kyrouz, Bill J. (Nov 20)
- Re: Endpoint protection vendors Scott Stoops (Nov 20)
- Re: Endpoint protection vendors Stacy Lee (Nov 21)
- Re: Endpoint protection vendors Benjamin Stein (Nov 20)
- Re: Endpoint protection vendors Scott Stoops (Nov 20)
- <Possible follow-ups>
- Re: Endpoint protection vendors Curt Kappenman (Nov 13)
- Re: Endpoint protection vendors Eric Sawyer (Nov 16)
- Re: Endpoint protection vendors Francisco Chavez (Nov 16)
- Re: Endpoint protection vendors Uday Kiran (Nov 16)
- Re: Endpoint protection vendors Francisco Chavez (Nov 16)