Educause Security Discussion mailing list archives

Re: Next Gen Antivirus / Endpoint Protection Solutions


From: Taylor Randle <TRandle () PARKER EDU>
Date: Tue, 16 Oct 2018 18:22:54 +0000

Hi Erick,

We're in the process of switching from on-prem Symantec to CrowdStrike. I realize you're more interested in the AV side, 
but the biggest selling point to us over other offerings was the "OverWatch" service, which consists of a team on 
their end who "proactively monitor, hunt, investigate, and advise on threat activity in your environment" - so you're 
essentially getting another member of the security team bundled with the product. As a small team, we saw this as a 
huge benefit to us. This was how we were able to justify the higher-than-Symantec price tag.

As for the AV specifically, from what we've seen in the proof of concept thus far, it's pretty much in line with other 
"next-gen" offerings - lightweight agent, heuristic/behavior-based approach rather than traditional file 
signature-based scanning, crowdsourcing of other behavior "signatures" from others on the platform, etc.

We priced Cylance and Carbon Black as well and ultimately decided on CrowdStrike for a variety of factors, but price and 
the OverWatch feature are what tipped the scales for us.

Regards,
Taylor


Taylor Randle
Director of Client Services & IT Security

2540 Walnut Hill Lane, Dallas, TX 75229
trandle () parker edu
www.parker.edu | www.parkerseminars.com


................................................





From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Erick.Matherly
Sent: Tuesday, October 16, 2018 10:44 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Next Gen Antivirus / Endpoint Protection Solutions

Hello!

We are looking at some of the Next Gen Antivirus solutions. I know there are quite a few players in the game, but I'm 
currently interested in CrowdStrike, SentinelOne, Sophos, Cylance, Carbon Black, and Palo Alto Traps.

I would love to hear about what other schools are using and how the experience has been. I know some players have EDR 
(Endpoint Detection and Response) built in or as an additional component. I'm strictly looking at the Antivirus at the 
moment, but do like the idea of being able to add EDR (or additional features) down the road if it is not built into 
the core product.

We are currently using Windows Defender Antivirus.

Thanks for the input!



Erick Matherly
Network Administrator | Trinity Christian College
6601 West College Drive | Palos Heights, Illinois 60463


708.239.4818 | Erick.Matherly () trnty edu



