Migrating From CylancePROTECT to an EDR solution (e.g. Crowdstrike or Carbon Black)

egrizzlyegrizzly B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+Member Posts: 505 ■■■■■□□□□□
Hi all,

Does anybody have a resource or any insights on migrating from CylancePROTECT (an EPP) to an EDR solution (like Crowdstrike or Carbon Black)?  Specifically I'm looking for proof or how to show that the functionality of the EPP solution can be completely replaced by the EDR solution.
B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+

Comments

  • UnixGuyUnixGuy Are we having fun yet? Mod Posts: 4,455 Mod
    The proof can be by showing insights from the EDR through dashboards to demonstrate how they work, showing their detective capabilities that goes beyond what happens on an endpoint


    Depends on who you're proving to and their background, but ideally you it should detect a lot more than an EPP.


    If they're a non-technical executive, be a story teller and show they how this can detect/prevent things like ransomware
    Certs: GSTRT, GPEN, GCFA, CISM, CRISC, RHCE

    Check out my YouTube Channel!

  • JDMurrayJDMurray MSIT InfoSec CISSP SSCP GSOM GSEC EnCE C|EH Cloud+ CySA+ CASP+ Linux+ PenTest+ Security+ Surf City, USAAdmin Posts: 12,733 Admin
    Ask each EDR vendor for the information you need by submitting an RFI or RFP. Let their sales people show you how their EDR completely replaces your EPP and then some.
  • egrizzlyegrizzly B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+ Member Posts: 505 ■■■■■□□□□□
    Great advice @UnixGuy and @JDMurray.  I had actually been overthinking it and not thought about engaging the sales engineers. Will definitely put that in motion. 
    B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+
Sign In or Register to comment.