Migrating From CylancePROTECT to an EDR solution (e.g. Crowdstrike or Carbon Black)

egrizzlyegrizzly Member Posts: 516 ■■■■■□□□□□
in Incident Response
Hi all,

Does anybody have a resource or any insights on migrating from CylancePROTECT (an EPP) to an EDR solution (like Crowdstrike or Carbon Black)?  Specifically I'm looking for proof or how to show that the functionality of the EPP solution can be completely replaced by the EDR solution.
B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+
Tagged:
· Share on FacebookShare on Twitter

Comments

  • UnixGuyUnixGuy Are we having fun yet? Mod Posts: 4,503 Mod
    The proof can be by showing insights from the EDR through dashboards to demonstrate how they work, showing their detective capabilities that goes beyond what happens on an endpoint


    Depends on who you're proving to and their background, but ideally you it should detect a lot more than an EPP.


    If they're a non-technical executive, be a story teller and show they how this can detect/prevent things like ransomware
    Certs: GSTRT, GPEN, GCFA, CISM, CRISC, RHCE

    Check out my YouTube Channel!

    · Share on FacebookShare on Twitter
  • JDMurrayJDMurray Certification Invigilator Surf City, USAAdmin Posts: 12,845 Admin
    Ask each EDR vendor for the information you need by submitting an RFI or RFP. Let their sales people show you how their EDR completely replaces your EPP and then some.

    Forum Admin at www.techexams.net
    --
    LinkedIn: www.linkedin.com/in/jamesdmurray
    Twitter: www.twitter.com/jdmurray
    · Share on FacebookShare on Twitter
  • egrizzlyegrizzly Member Posts: 516 ■■■■■□□□□□
    Great advice @UnixGuy and @JDMurray.  I had actually been overthinking it and not thought about engaging the sales engineers. Will definitely put that in motion. 
    B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+
    · Share on FacebookShare on Twitter
Sign In or Register to comment.