Hi,
I practice what I think is pretty good hygiene. I have my own router/firewall (pfSense), I don't expose ports to the internet, I am careful with email and web sites, you name it. There's still the risk that something is going to get through (especially with teenagers in the house), so I'd like to put really good endpoint detection/anti-malware software on our home PCs (and my home server).
In the enterprise space, Microsoft Defender for Cloud has a good reputation so I have been assuming that Defender (that comes with Windows) was a good (and free!) choice. However, one of my computers was attacked with ransomware this weekend, so maybe not.
What would you recommend? I see a lot of good reviews for ESET. I see I can also buy CrowdStrike Falcon Go for home as well.
Any thoughts?
Thanks!
I am looking for recommendations of the best endpoint protection in my home. Application to work behind a firewall (Firewalla Gold). I use Windows and iOS devices. Currently use Bitdefender Total Security and Windows Defender on Win 10,11 devices. Bitdefender Armor on iOS devices. I also have about 140 devices as IoT, media, etc. Appreciate suggestions or layers to use and any well known software to not use. Thank you
I want to start securing the home devices with a good EDR solution. Doing some simple Google searches for AV for Windows 10/11 just show what I've always thought of as basic AVs.
AV / EDRs I know and mostly trust are CrowdStrike, Huntress, or SentinelOne but they either don't offer home plans or CS would run $25-40/month which is high to jump into without some research.
What I'm asking here is what AVs or EDRs do you use at home? Anything that you can generally trust or heard around.
Thanks guys!
Hey, I'm sysadmin for an IT consulting company with about 60 users. We've been using Kaspersky Endpoint Protection for 3 years now. As I started looking into device deployment and management with Intune recently I came across the endpoint security solution built into Intune. Is it worth it cancelling Kaspersky and moving on using their solution?
I own a small IT consultancy business mostly doing break/fix, workstations, servers and networks for about 400 endpoints, about 70% SMBs and the rest are home users. Malware and hacks have been brutal and relentless lately and I am looking for a way to offer better security to my clients. I had partnered with Emsisoft, but a bad experience has caused me to lose confidence in them. I believe that I need to have a more robust system than simple antivirus. I don't want to become a full time security expert but would like to partner with a company to provide those services. I don't mind monitoring and responding when needed but would really like to be proactive with security instead of reactive.
I have been looking at several providers but most of them have minimums that I will not be able to reach. What are your recommendations for a low cost EDR/AV/MDR (getting overwhelmed by all the acronyms) partner?
I've read a hundred articles, watched too many videos and tried too many systems and cannot decide for the life of me what's best for my org.
I'm sysmanager for a small/med size business in UK, around 60 endpoints. Mainly managed through online Entra (Azure sounded nicer, they shouldn't have changed it) and I'm debating moving everyone to Business Premium and using the Defender for Endpoint service (but seems difficult to manage in comparison to something like Webroot, which currently using via Atera on a monthly cost).
Basically just want something that's cost effective, will actually keep things better protected and also easy to manage.
Opinions seem all over the place so finally hitting Reddit for a non-affiliate linked review of where things stand in 2024
Cheers
I was recently assigned the task of evaluating new solutions to replace our existing Endpoint Protection (SEP, DLP). While the company was considering using Microsoft products due to our M365 environment, it seems that many aspects are still lacking. What would be some good alternative solutions?
Been looking at few products regulars like Bitdefender, Kaspersky, Symantec Endpoint, some of these "newer" seeming ones like Carbon Black. Reading reviews and posts like here on sysadmin people talking about managing thousands of endpoints.
Sys admins with around 100 endpoints what do you use or would recommend? Or what do you use and hate?
I'm about to remove our existing solution from users' devices - Kaspersky Endpoint Security Cloud.
It's kinda breaking my heart doing it as I think it's pretty good at what it does and is really easy to manage endpoints and onboard/offboard devices. But I can understand why I'm being asked to do this.
We don't use Microsoft AD... we use Google Endpoint Management - this is how I push policies etc. The users log in to devices using their Google credentials.
What's a good alternative - I have 100 Windows 10/11 users?
Recently had reason to set up a Windows 10 box. My understanding is that Windows is a lot more secure by default than was the case 10+ years ago, whilst at the same time threats have evolved.
What are some best practices for home use? Assume a good level of technical competence and not so much "basics to help granny not get cryptolocked".
We are currently investigating endpoint protection, as our ESET licenses are set to expire in June. I've currently got a quote from Sophos for InterceptX (with and without EDR).
I'm going to be hitting up Palo Alto for a tech/sales demo of TRAPS, as we already use PA firewalls and Panorama to manage them, so the integration of firewalls and endpoint protection makes sense.
I was wondering what other sysadmins more caught up on endpoint protection would recommend? I've been directed to look at Microsoft Defender for Endpoint as we already have a bunch of A5 licenses and we could purchase more. It looks like you really need SCCM though for that, or am I reading old information? We haven't yet been able to justify the time cost for SCCM, but it's kind of one of the solutions looking for a problem that we're keeping in our desk drawers - we all would like to have proper centralized software management. I'm also having a hard time finding reasonable information on whether it's junk or not - have any bigger organizations you all work for used it exclusively or primarily?
If you were at the point you could change endpoint vendors right now, who would you be contacting?
We're looking at protection for 18 DCs, 11 various Windows servers, 2000 workstations and about 1000 staff users. We would much prefer a cloud-based management system vs an on-prem server as our VM resources are already stretched.
I'm very interested in any suggestions or discussion - what we have now is a barely working hot mess because of an employee who left last year and we know this is something we need to prioritize.
Three options I’d recommend:
- CrowdStrike - excellent but expensive.
- SentinelOne - very good & cheaper, easy to use.
- Microsoft Defender for Endpoint - excellent on Windows 10 & Server 2019, not as polished as CrowdStrike but very good value if available within a license bundle.
For what it's worth, the deployments I've done of Cisco Umbrella for clients have provided great value. Even have a client who has deployed to all company mobile phones.
I would like to be able to use an app to log in as the network administrator, view the list of all managed PCs in my house and selectively apply access policies that can restrict Internet access by IP, domain, keyword or shut the internet down completely.
This is a serious inquiry.
What are you using for EDR and how good of a value is it?
I just wanted to share some information, please add to the list.
Obviously there is more than endpoint protection when it comes to securing your end users but, it does play a critical role for mitigating some of the possible risks.
Sophos
We use Sophos MSP subscription and that is licensed per user. While most users are using Corp devices, others don't have that luxury and are using their own devices. If you send them an installer from Central, you can assign the same user from their work device, and they will have close to the same protection without incurring additional costs.
If you also have the Sophos firewall, be sure to take a look at their Clientless access to make remote sessions a bit easier.
SentinelOne
I also saw SentinelOne is offering their Core product no charge until May 17th.
I'm mobile and plan on updating with more information soon.
Also, many people are trying to take advantage of end-users using the Covid19/Coronavirus through phishing, malware, scams, etc. The most important form of security seems to be least exercised and that is education!
I guess you get a lot of these so I'll keep it brief, we've cancelled Kaspersky because it's Russian and our country doesn't have good relations with them, and we need a new AV. I did some brief research on popular ones, particularly BitDefender and Norton. There seems to be a ton of conflicting opinions, some people say they're great, others swear they're the worst piece of software ever made, and I don't have the time to do research in depth. I'd appreciate some brief straightforward recommendations. Thanks in advance.
Hi, I'm looking for a free or low cost endpoint security. We are nonprofit and don't have much of a budget for tech stuff. We have 11 workstations and a Windows Server. Currently we are using Norton Small Business installed on each of our workstations and just Windows Defender on the server. Our licenses for Norton are expiring in less than 30 days so I'm hoping when that happens I'll be able to switch to something better. Does anyone have any suggestions?
Looking for a consumer grade end point product to add to our stack. Any suggestions?
Just to clarify, consumer grade is home/individual use. Rather than business or enterprise.
I've been working with a small company who has poor security practices. They have Sentinel One for endpoint protection, but some of their users report people taking over their computer from time to time, and another person had a huge cyber security incident in the past few days. They were signing off on an invoice, told someone in accounting to pay it and moments later the accountant got a follow up email from the original person who sent the invoice asking them to send it to another account.
Luckily the accountant double checked and sure enough it was a scam, but not by the first person. A domain was created specifically for this scam attempt, with an email account matching the real person. The domain was just a letter off from the real domain, which could have easily been missed.
I'm convinced one of the two users has a compromised email account. But on the off chance that someone has hacked their actual computer and is 'watching', what endpoint protection would best deal with that sort of threat? One of the people mentioned their web cam zooms in and out randomly, which by itself sounds like a random tech issue. But I'm thinking their machine could be compromised.
Sentinel One dgaf, no strange warnings. So either it's all in Office 365, or we need better EndPoint Protection. (They're not running MFA, that's another thing they're fixing immediately)
I need something to put on my home server and open to any endpoint protection suggestions.