Endpoint Protection and Utilization of E5 Features: - Do you use Microsoft Defender EDR for Endpoint EDR? If not, what product do you use (e.g., CrowdStrike, SentinelOne, CarbonBlack)? - If you have Microsoft E5 licenses, are you utilizing all features as your primary and only solution for each domain (e.g., Endpoint protection, Information protection, vulnerability management)? Or do you have other solutions in place either alongside or in place of the included capabilities in E3/E5?
Sort By:
Oldest
Director of IT3 months ago
We do not use E5 licensing. We use E3 and CrowdstrikeCISO in Insurance (except health)3 months ago
We do have E5 licensing but use Crowdstrike as an EDR.
Couple of quick comments, happy to get on a call if you want to talk more thoroughly.
-- We have a MSFT E5 and use InTune for MDM and endpoint protection (antivirus/malware), Cloud Application security to restrict web browsing, and Defender for vulnerability management.
-- In addition to Defender, we also use NESSUS for a layered approach.
-- We use SUMO Logic for logging endpoint activity in addition to MSFT Defender.
-- We use Thycotic for prevention of application execution at endpoints. This helps us block any data exfiltration applications from running.
-- We do not license SentinelOne in addition to the E5.
-- We are using OKTA for identity services, but are looking into switching to MSFT Identity Services since it's in the E5 and coming along in capability.
This tool set is a good balance of features and cost and makes sense for us since our devices are generally not exposed to PII, PHI, PCI, or financial data. If our business needed a top tier security stance, we would reassess our technology and perhaps make some changes.