Is Combining EPP, EDR, and MDR Excessive, or is EDR Plus MDR Sufficient?

Asked By TechSavant82 On

I'm considering our security setup and the changes we want to make. Currently, we don't have 24/7 monitoring, but we plan to implement N-Able MDR. We're also thinking about ditching our existing Endpoint Protection Platform (EPP) in favor of SentinelOne's EDR solution. Does this strategy make sense, or should we be keeping our EPP? As an alternative, we could use Microsoft Defender as our EPP to cut costs, though that would mean adding another tool for our managed service provider to handle. I'd love to hear your thoughts on this!

4 Answers

Answered By NetworkSage45 On

Just a heads up, be careful if you're mixing different EDRs. Usually, MDR solutions come paired with their own EDR, and running two on the same system can cause conflicts. If you really want SentinelOne, consider their own MDR option. Also, keep in mind that EDR/MDR typically encompasses EPP functionality, so three different products might just complicate things.

ThreatHunter88 -

Yeah, exactly! It's a mess when they overlap. Just remember, the definitions can vary with different providers. Some call their offerings MDR, but it’s not always Managed EDR. Clarity about what you're buying is what matters.

RedTeamHero -

Not to mention, there are pure MDR services out there like Huntress that rely on established EPP solutions. Always worth considering your options!

Answered By SysAdminPro23 On

I’m using Fortinet for SOCaaS alongside Vipre MDR, and even then, our cyber insurance provider keeps pushing us on coverage aspects, even lowering our risk score. Not directly your query, but it shows that having the right monitoring certainly impacts your overall security standing.

Answered By DevOpsGuru22 On

We've been using Microsoft E5 along with Defender for Endpoint and it’s been smooth sailing for us. I don’t see the point of maintaining an EPP on top of that; Defender seems to handle our needs well.

SecurityNinja99 -

We tried something similar, but added a SIEM to pull logs from Defender. It really helped us catch things we might have overlooked, especially in a smaller team.

Answered By CyberWizard21 On

Honestly, at this point, having both AV and EDR is pretty standard. Most modern EDR solutions, including ones like SentinelOne, offer comprehensive endpoint protection, making traditional EPP somewhat redundant. So, if you're switching to SentinelOne, you might not need the EPP in addition to that.
