Educause Security Discussion mailing list archives

Re: Next Gen Antivirus / Endpoint Protection Solutions


From: Curt Kappenman <ckappenman () ANDERSONUNIVERSITY EDU>
Date: Thu, 18 Oct 2018 12:40:55 +0000

Erick,

We have been using Cylance for a year and a half now.  At the beginning we were running both Sophos and Cylance.  We 
have been running Cylance only since June.  Cylance has served us very well.  Their system catches problems at a time 
that most AVs will not (when they first show up to the world).  If you need an EDR type option, you can add Cylance 
Optics to the package and now get the granular info on events and process at a simple click (from the same console).

I have been in this industry for 25 years (mostly in the private sector). Cylance has definitely brought a change to 
the industry.  I am no longer responding to try and resolve the damage done; I am looking into why something was 
blocked and, if requested, seeing if an exception can be made for it to run.  This is my preferred way to go at 
protection.

Curt Kappenman
Security Compliance Officer / Systems Technician

316 Boulevard, Anderson, SC 29621
Phone: (864) 231-2850
Help Desk: (864) 231-2457
ckappenman () andersonuniversity edu
www.andersonuniversity.edu

From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Erick.Matherly
Sent: Tuesday, October 16, 2018 11:44 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Next Gen Antivirus / Endpoint Protection Solutions

Hello!

We are looking at some of the Next Gen Antivirus solutions. I know there are quite a few players in the game, but I'm 
currently interested in CrowdStrike, SentinelOne, Sophos, Cylance, Carbon Black, and Palo Alto Traps.

I would love to hear about what other schools are using and how the experience has been. I know some players have EDR 
(Endpoint Detection and Response) built in or as an additional component. I'm strictly looking at the Antivirus at the 
moment, but do like the idea of being able to add EDR (or additional features) down the road if it is not built into 
the core product.

We are currently using Windows Defender Antivirus.

Thanks for the input!


Erick Matherly
Network Administrator | Trinity Christian College
6601 West College Drive | Palos Heights, Illinois 60463

708.239.4818  | Erick.Matherly () trnty edu