Educause Security Discussion mailing list archives
Re: Microsoft Defender ATP
From: "Foss, Henry L." <fossh () SACREDHEART EDU>
Date: Thu, 12 Mar 2020 16:45:50 +0000
Sacred Heart is considering doing the same thing, except moving away from Symantec - now owned by Broadcom. But we like an application whitelisting agent, so we are also considering Carbon Black + Defender. So we'd have the AV piece in addition to application whitelisting. Just putting a bit of a segway on the original topic, but I'm curious which strategy others are considering if moving away from an AV vendor they have been using for some time. Thank you Hank Foss Manager of Security Infrastructure CISSP, MSCS, GPEN Sacred Heart University Main Campus HC112 Office: (203) 396-8279 Mobile: (203) 295-1356 [cid:image001.jpg@01D5F86C.2939D4F0] From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Watkins, Jameson Sent: Thursday, March 12, 2020 11:26 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Microsoft Defender ATP Hi all, Our Sophos anti-virus licenses are up for renewal this summer and we're reviewing the landscape. We've landed on looking at MS Defender ATP. It's ranked highly in the Gartner magic quadrant and reviews we've seen are favorable. The cost for us to move to the security option of the A5 license tier, when combined with everything else offered, makes it a hard deal to pass up. But I've not seen a peep out of customers using it, especially in higher ed. Is anyone using it? What are we missing? We also haven't seen details on how it handles ransomware. Sophos has a crypto guard that stops files from encrypting which has saved us at least once. Anyone have more info on how Defender handles it? Finally and more broadly, does anyone have advice on how you actually test endpoint detection without using live viruses? Thanks. Jameson Watkins Chief Information Officer Pacific Northwest University of Health Sciences 509.249.7719 www.pnwu.edu<http://www.pnwu.edu/> The sender of this email is external to Sacred Heart University. Do not click any links unless you know and trust the sender. ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Current thread:
- Microsoft Defender ATP Watkins, Jameson (Mar 13)
- Re: Microsoft Defender ATP Menne, Michael S (Mar 13)
- Re: Microsoft Defender ATP Foss, Henry L. (Mar 13)
- Re: Microsoft Defender ATP Mercy Lopez (Mar 13)
- Re: Microsoft Defender ATP Brian Epstein (Mar 13)
- Re: Microsoft Defender ATP King, Ronald A. (Mar 13)
- Re: Microsoft Defender ATP Dexter Caldwell (Mar 13)
- Re: Microsoft Defender ATP Kimmitt, Jonathan (Mar 13)
- Re: Microsoft Defender ATP John Ramsey (Mar 13)
- Re: Microsoft Defender ATP King, Ronald A. (Mar 13)