Hello. I’m looking for some recommendations for business EDR. Aside from an obvious mature and reputable product, ideally I’d like to hear of a solution that has excellent support and response when a security event occurs or when a false positive is detected. Thanks!
I guess I’d like to know what reputable solutions you are referring to.
We are still using Huntress and SentinelOne.
Hi Tom. I watched your security incident video involving Huntress and SentinelOne and have some wonderings - how exactly are both products used in conjunction with each other? Do you just use Huntress SIEM and SentinelOne EDR, or are you actually deploying two EDR solutions for redundancy? If you’re using the EDRs at the same time, I have no experience with these more modern evolutions of antivirus and have always had the mindset that you only ever want to use one antivirus at a time or else they could conflict with each other.
Trellix with ePO, either local ePO or cloud ePO; they claim the cloud is faster to update to current threats. It runs on top of Defender for basic functions, with many advanced functions that are an optional buy.
We use Huntress EDR & S1 EDR and they don’t conflict with each other at all. We are using Blumira for SIEM. This is all about layering on the security. If you were to ask me to choose only one EDR solution it would be Huntress.
We use Sophos MDR and Huntress. Sophos is good, but very expensive. It works great if you’re deep in the Sophos ecosystem with endpoint, firewall, and other services though. Huntress is sort of a backup layer for us, but it’s really affordable and a lot of peace of mind for the buck.