Educause Security Discussion mailing list archives
Double Decker -- Antivirus (ATP vs. SEP) and Web App Transaction Monitoring
From: "Foss, Henry L." <fossh () SACREDHEART EDU>
Date: Tue, 12 May 2020 13:34:54 +0000
Good Morning All, Hope this finds everyone doing well. I would like to get thoughts on two different items, unrelated: 1. SEP vs. Defender ATP: I'm curious if anyone has made the move from to Defender ATP, or if you've actually moved away from SEP in the process. Defender ATP is relatively new so the jury may still be out, but it would be interesting to get some thoughts on it.
From what I've seen and heard of Defender ATP it seems powerful along with its visibility, console views, and vulnerability management pieces, although there may be some mixed reviews - not the least of which is virus detection rates tend to be below competitors.
1. Web Application Transaction Monitors: We like to simulate a logon to a web application from the outside in, which requires transaction monitoring. This is initially implemented through a web recording. Uptrends (external monitoring service like Alertbot) offers this, but not necessarily at a very low price. MS SCOM offers this as well, but it does not appear to offer a credentialed run of the monitor. Curious what others are using for site monitoring. Any feedback is much appreciated. Thank you Hank Foss Manager of Security Infrastructure CISSP, MSCS, GPEN Sacred Heart University Main Campus HC112 Office: (203) 396-8279 Mobile: (203) 295-1356 [cid:image001.jpg@01D62840.97522790] ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Current thread:
- Double Decker -- Antivirus (ATP vs. SEP) and Web App Transaction Monitoring Foss, Henry L. (May 12)