I have never seen anything like that before or since, in my 45 years in IT. The worst possible move was to let me see that rampant infection. The amount of infection was ungodly, was unbelievable. And I was given a demo from a master distributor that had over 500 companies in that master partner console. I heard the same statements about how well liked the product was, so I looked at Webroot long and hard. I have also seen Webroot deny it, but this was from their own forum: I originally saw this post here on Spiceworks, from an MSP, who said "email a virus to your client, and see what happens to your reputation" as it killed it. Webroot has NO definitions, it is purely behavioral based, so it allows infections to persist on your network, and allows infected files to be emailed out of a Webroot protected system (oxymoron) to your clients without your knowledge. I have come to believe that this is essential in today's threat landscape, and that "scanning engines" just don't do it anymore.

Dear kjv611, I absolutely can expand on why Webroot scares the $h!+ out of me! Symantec's SEP is also fairly effective, but has many moving parts.

All of these three use (in whole or in part) a behavior-based analysis and cloud-sourced reputation services along with security experts feeding into a real-time threat intelligence knowledge pool (often called a "graph"). However, Defender ATP is not as easy to install as Crowdstrike. We basically used it to stop the rampage as we cleaned up the mess.

Alternatives include Defender ATP - if you are already invested in MS Management, and/or already have it licensed. It is a different paradigm and takes a bit of getting used to but it is extremely effective, very lightweight, and easy to install. My current recommendation is Crowdstrike Falcon and the Next-Generation Antivirus (NGAV). In fact, I was rebuilding computers that were completely trashed while running the Vipre endpoint.
We have recently left Vipre at my largest site because it routinely failed to stop ransomware. On my home workstation though, I love my BitDefender, lightweight and very easy to deploy across my home network. Our clients seem to love both of the platforms and our SOC has been able to intercept fileless attacks using both platforms. We use Crowdstrike with a ton of our clients along with Carbon Black Defense and have had a lot of success with both of those platforms. I don't use Sonicwall at all either, I'm a Fortinet fan, just threw that out there to offer fair feedback. Plus I wear the free hat I got from Crowdstrike daily, it looks pretty cool. May not have been their focus that day, who knows. Sonicwall claims to be heading that direction with their endpoint security, but when I made it around to the Sophos booth, nothing was said about fileless attacks. Used a 1Yr free license at home though and have no complaints.

Anyhow, not going to write a novel, but it piqued my interest for sure. I've been a fan of Webroot over the last 2-3 years as well, but haven't made a switch at work. I turned around and they had my full attention. As I was about to walk away, I heard them talking about ditching file scans and monitoring for malicious fileless attacks before it ever writes to files. I met with their team with high skepticism at a CDW event at the Cowboys stadium recently. I would actually advise checking into Crowdstrike first and get a demo of it. I'm currently using Sophos with Intercept-X. Please feel free to reach out to me or any of the other Sophos Spiceheads if you have any other questions about Intercept X. I'd say in many cases that the cost of getting compromised by ransomware or dealing with a data breach far exceeds any marginal performance differences on the endpoint. As tulioarends says, in many cases, agent performance is not a big issue in real-world use.
Intercept X may not be the lightest agent, but that is in part because of the depth of protection it provides. Sophos also has earned 6 of 6 in protection from AV-Test for Windows, macOS, and Android, and #1 for protection on NSS Labs Advanced Endpoint Protection. Sophos Intercept X received an "AAA" rating on that test and every subsequent test from SE Labs. To my knowledge, the last time Webroot participated in a public efficacy test, it was when it received a "C" rating from SE Labs last year. Then as I investigated more, the consensus is Webroot is the lightest weight - but I could not find much about how it compares to the others in protection and ease of management. I was intrigued by Sophos Intercept X system. I have been using Trend Micro Worry Free for a couple of years and like its management and protection.