Battle deep instinct vs crowdstrike which one and why?

Compare list
crowdstrike
deep instinct
Platform(s)
  1. Microsoft Windows
Shadowra said:
I'm reviving this topic, having uninstalled Deepinstinct from my personal computer 30 minutes ago!

It deleted: Brave, Filmora, an m3u player, a game, DeepL, UniGetUI. .... :ROFLMAO:
Click to expand...
so far DeepInstinct has not misbehaved here (that I am aware of) -- I'm 6 or 7 hours west of you...
 
  • Like
Reactions: Khushal
Shadowra said:
I'm reviving this topic, having uninstalled Deepinstinct from my personal computer 30 minutes ago!

It deleted: Brave, Filmora, an m3u player, a game, DeepL, UniGetUI. .... :ROFLMAO:
Click to expand...
This is exactly why the user has to be involved in making the decision on whether to quarantine / delete a file or not.

To properly secure an endpoint, there should be a baseline layer with a moderate security posture and low false positives... in other words, your typical antivirus.

On top of the antivirus layer there should be a more aggressive zero-trust layer that involves the user or admin making the decision on whether to allow the item or not.

Aggressive cybersecurity products should never auto quarantine / auto delete, and moderate security posture products should never let or force the end-user make the final decision.

I have worked directly with end-users since 1999, some of them being the most novice of users, and I can tell you on no uncertain terms, this is the only way to properly secure an endpoint.
 
  • Like
  • +Reputation
  • Hundred Points
Reactions: LordCraven, Zero Knowledge, ErzCrz and 5 others
danb said:
This is exactly why the user has to be involved in making the decision on whether to quarantine / delete a file or not.

To properly secure an endpoint, there should be a baseline layer with a moderate security posture and low false positives... in other words, your typical antivirus.

On top of the antivirus layer there should be a more aggressive zero-trust layer that involves the user or admin making the decision on whether to allow the item or not.

Aggressive cybersecurity products should never auto quarantine / auto delete, and moderate security posture products should never let or force the end-user make the final decision.

I have worked directly with end-users since 1999, some of them being the most novice of users, and I can tell you on no uncertain terms, this is the only way to properly secure an endpoint.
Click to expand...

I know and I'm aware of that, but I'm pretty fed up with having to whitelist everything...

Thanks to @kamiloxf , I'm testing SentinelOne, which is more permissive, yet effective.
 
  • Like
  • Hundred Points
Reactions: Zero Knowledge, Miraculix, Captain Awesome and 3 others
Shadowra said:
I know and I'm aware of that, but I'm pretty fed up with having to whitelist everything...
Click to expand...
But this the new cool for business/enterprise/home users, whitelisting is back with vengeance. Using enterprise tools will no doubt result in wrong quarantine objects.

The only thing you can do is submit a support ticket and hope they whitelist your banned programs!
 
  • Like
  • Applause
Reactions: simmerskool and Shadowra

You may also like...