@stacksofplates said in NG AV / Endpoint Protection in 2021:
@obsolesce said in NG AV / Endpoint Protection in 2021:
@hobbit666 said in NG AV / Endpoint Protection in 2021:
So in simple terms, people are saying dump the AV products like Webroot/Bitdefender/Eset and move over to a more SIEM-orientated setup, whether that's in house or externally managed (we wouldn't have the resources internally).
What about products like CrowdStrike, Cynet XDR, Mimecast? Do these fall into the SIEM realm? They say they monitor machines for changes in system files/logs/other stuff for behaviour that looks like issues, i.e. virus/ransomware.
It's not just about having anti-virus software updated to the latest definitions. I would say definition-based malware threats are pretty much the basic 1-9% of the whole picture. This is where solutions such as some CrowdStrike products and Microsoft 365 Defender come into play to cover the ~90% of the whole picture.
https://www.amazon.com/UNIDOPRO-Socket-Tapping-Bottle-Bracket/dp/B07G3XS4W8
Thanks for the bolt recommendation.
Oops, copied link from wrong browser tab lol, fixed link in post.