What do you use for endpoint security?

  • 10 September 2019
  • 14 replies
  • 49 views

Userlevel 7

I’ve worked at Webroot and am a big fan of their AV. What do you guys use for your endpoint security and/or antivirus?


This topic has been closed for comments

14 replies

Badge

Right now we’re using CylancePROTECT and it’s been great for us. Hefty setup on the front end but once you have it configured for your organization, it’s cake.

Userlevel 7

Yeah I’ve used it at home, thanks to @Richard hooking me up. Have they rolled out the home version to you guys yet?

Badge

Oh, I didn’t even know that was a thing, to be honest… LOL

Userlevel 7

Last I heard they were giving it to customers to use on their home machines in addition to their office ones. Maybe it’s something they never fully rolled out?

Our main org is using SEP, but our tax division is using Carbon Black.

Userlevel 7

Carbon Black is solid. They have an office in Boulder right across the street from us.

Sweet, I’ve seen some of their documentation, but I’ve never got to play with it. I’ve heard it’s way better than SEP though. 😛

I’ve been using CB Defense (Carbon Black) for a couple of years in place of Webroot. Works well. Recently we purchased Malwarebytes w/Response to run along side as a second layer of protection. Unfortunately I’m having one heck of a time getting them to play nicely together even though both sides will tell you they have “no problems or conflicts” with the other 😦

Userlevel 7

That’s not uncommon, for conflicts to happen no matter what they say. Was there a particular type of attack you were looking to protect against with Malwarebytes that CB doesn’t catch?

Hey Nic! Not particularly. I realize they probably have many similarities while at the same time many differences. My goal was to have two applications that have entirely different detection engines / methods of discovery providing a layered approach. In the event one misses the hope is the other covers the void. Additionally I do like the response element Malwarebytes brings to the table giving the option to roll back if caught within the recovery window. That said if this comes down to one over the other due to lack of compatibility do you (or others) have an opinion regarding which to go with as single endpoint solution. My hope it that I eventually find the balance between the two. So far in testing running both brings a system to it’s knees performance wise even with all of the exclusions for each listed. To more directly answer your question…ransomeware in general.

Userlevel 7

I’d probably go with Carbon Black over Malwarebytes, if you had to pick one. My guess is that the incompatibility is on the CB side, as I’ve seen it barf on unrecognized software before. What’s the behavior or error message you get when you try to run Malwarebytes with CB installed?

I’m certain that’s where the problem is. It’s very aggressive. I’m not getting any errors. MB will install successfully. It’s performance that is taking a major hit. The system is almost unusable. Each application has a list of exclusions to list within each each to avoid them fighting directly with themselves. My next step is to try to involve the support side from each. Of course we know how that goes…it’s the other guys fault 🙂 While I do like CB Defense I am not a fan of their support structure at all. I personally hate forum a.k.a. email tag support offerings. I’d rather wait on hold for 30 minutes to speak with someone as opposed to 2 or 3 days of email exchanges that lead nowhere but to more frustration.

Userlevel 7

Yeah in these types of situations it’s nice if you can get both support folks on a conference call and work through it real time. Let us know if you make any breakthroughs!

Will do…thanks for the feedback. This is why I love Automox. A great product with a support team always willing to lend a hand and offer advice!