Educause Security Discussion mailing list archives

Re: Endpoint protection vendors

From: Stacy Lee <sbl () STANFORD EDU>
Date: Sat, 21 Nov 2020 14:14:51 +0000

+1 For CrowdStrike.  We are rolling this out to our community currently.
Here is our service page for the curious: https://antimalware.stanford.edu

For those of you who were using Microsoft SCEP for MAC which was retired at the end of 2018 and then migrated to the 
Free ESET carry over, we were informed the license would expire on 12/05/2020 and after 13 days it would cease to 
function.  We already had plans the move to an EDR solution but this accelerated our deployment.

We evaluated several products in the EDR space.  Crowdstrike and S1 were our top two choices. CrowdStrike with falcon 
overwatch fit our needs best.  Integrations with Splunk and Proofpoint were quick painless.  Customer support has also 
been very good. We liked the more detailed telemetry off CS that can be helpful for post investigation incidents.

If you would like to discuss more on our evaluations we would be happy to jump on a zoom call with you to talk about 
our experiences.  @JasonAdams.

Stacy Lee
ISO | Security Operations
Stanford University




________________________________
From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of Scott Stoops 
<sstoops () ASHLAND EDU>
Sent: Friday, November 20, 2020 10:14 AM
To: SECURITY () LISTSERV EDUCAUSE EDU <SECURITY () LISTSERV EDUCAUSE EDU>
Subject: Re: [SECURITY] Endpoint protection vendors

We've used Crowdstrike for several years and are very happy with it.
--------------------------------------------------------------------------------------------------
Scott Stoops, CISSP
Security Analyst Engineer III
Office of Information Technology | 100 Patterson Technology Center
Ashland, OH 44805
(w) 419-289-5405
sstoops () ashland edu<mailto:sstoops () ashland edu>


On Fri, Nov 20, 2020 at 1:05 PM Kyrouz, Bill J. <Bill.Kyrouz () jenzabar com<mailto:Bill.Kyrouz () jenzabar com>> wrote:

I have experience with Crowdstrike (Enterprise) and Defender ATP.  Crowdstrike is an excellent solution, and I 
recommend considering Defender ATP if you have Microsoft Premier support (for better technical support and eligibility 
for add-on services).



From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV 
EDUCAUSE EDU>> On Behalf Of Adams, Jason
Sent: Friday, November 13, 2020 5:43 PM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [SECURITY] Endpoint protection vendors



CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you 
recognize the sender and know the content is safe.



Hello,



We are looking into replacing our traditional anti-virus (Avast) with “next-gen” EDR/EPP products. We are doing POC’s 
with Crowdstrike and SentinelOne (their enterprise-type package) but also looking at Cyberreason and possibly Sophos. 
Does anyone have experience with any of these and recommend one over the other? Is there another product we should 
consider?



Thanks in advance!



------------------

Jason Adams

Senior Director of Information Technology

Denver Seminary

6399 South Santa Fe Drive

Littleton, CO 80120

303-762-6936

www.denverseminary.edu<http://www.denverseminary.edu/>



Technology Questions? call: 303-762-6983 (x2020) or click here to email<mailto:helpdesk () denverseminary 
edu?subject=%20&body=Provide%20detail%20on%20how%20we%20can%20help%20you:> | IT Tips and 
News<https://denverseminary.sharepoint.com/sites/IT>

We are hiring! Visit: https://denverseminary.edu/about/employment/



**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

Current thread:

Endpoint protection vendors Adams, Jason (Nov 13)
- Re: Endpoint protection vendors Blake Ketcham (Nov 13)
- Re: Endpoint protection vendors Jason Edelstein (Nov 13)
  - Re: Endpoint protection vendors Steven Alexander (Nov 16)
- Re: Endpoint protection vendors Kyrouz, Bill J. (Nov 20)
  - Re: Endpoint protection vendors Scott Stoops (Nov 20)
    - Re: Endpoint protection vendors Stacy Lee (Nov 21)
  - Re: Endpoint protection vendors Benjamin Stein (Nov 20)
- <Possible follow-ups>
- Re: Endpoint protection vendors Curt Kappenman (Nov 13)
- Re: Endpoint protection vendors Eric Sawyer (Nov 16)
  - Re: Endpoint protection vendors Francisco Chavez (Nov 16)
    - Re: Endpoint protection vendors Uday Kiran (Nov 16)