Endpoint protection software for SMB recommendation
- Thread starter wesley
- Start date
Soldato
I work in IT security and we partner with most of the EDR vendors. I would choose Crowdstrike, SentinelOne or Cybereason.
In that order
By far the most important security control you should implement though is email management and filtering. The vast majority of breaches are initiated through email so get you mail filtered by the likes of forcepoint or mimecast - one of the filtering companies that puts attachments through either a sandbox or a converter that turns them into PDFs and removes all macros. This alone will almost guarantee you don't get compromised.
In that order
By far the most important security control you should implement though is email management and filtering. The vast majority of breaches are initiated through email so get you mail filtered by the likes of forcepoint or mimecast - one of the filtering companies that puts attachments through either a sandbox or a converter that turns them into PDFs and removes all macros. This alone will almost guarantee you don't get compromised.
Associate
Have a look at Field Effect Covalence. It's off the radar in the traditional sense (the typical pay to play reviews like Forrester or Gartner). I've just implemented it globally across 11,000 machines. Does EDR/XDR, DNS Filtering and shortly email filtering as well. Similar capabilities to Crowdstrike but without the heavy price tag.
I would have loved to have Crowdstrike Falcon and Falcon Response (previously done it in a financial services environment) but the budget wouldn't stretch to it
Still, anything is better than Palo Alto Cortex (TRAPS) which was the incumbent - what a crock of bovine excrement!
I would have loved to have Crowdstrike Falcon and Falcon Response (previously done it in a financial services environment) but the budget wouldn't stretch to it
Still, anything is better than Palo Alto Cortex (TRAPS) which was the incumbent - what a crock of bovine excrement!
Crowdstrike it pretty much the go to standard currently, and they will provide a support wrap around it. Something a small business will want to consider, depending on their risk appetite. EDR does require specialist knowledge, and will take a considerable amount of effort if it’s enabled.
if you don’t have a SOC/EDR requirements, etc then Microsoft Defender will likely be adequate, you can get a really good entire security suite from them, covering all the basics as part of their licensing model.
if you don’t have a SOC/EDR requirements, etc then Microsoft Defender will likely be adequate, you can get a really good entire security suite from them, covering all the basics as part of their licensing model.