Endpoint security refers to a methodology of protecting corporate networks that are accessed from remote devices such as laptops, mobile phones, tablets and other wireless devices. Each device with a remote connection to the network creates a potential entry point for security threats.
A recent WebForum on this topic focused on the specific tools designed to identify and remediate the threats.
Of the 40 participants, almost 75% have a tool in place; others are evaluating specific tools and got great information to help with their decision.
Participants were asked to share what tools they are currently using and provide a short review. Here are some responses:
We recently rolled out Barkly. Working well so far. Barkly for us was $60 for 3 years per endpoint at 110 endpoints total.
We are using CB’s Defense and would recommend.
CheckPoint Sandblast. Yes, recommend.
Cylance was ~$14,000 for ThreatZERO plus then $27 per endpoint. We deployed to ~3,000 endpoints.
Cisco AMP (Advanced Malware Protection)
Cisco AMP. I would highly recommend. Cisco AMP is around $50 for 3 years per endpoint. This of course depends on your level of Cisco discounts.
Cisco AMP. It is sensitive, so some tweaking is needed. I recommend.
Yeah, Cisco AMP at work, I have Bitdefender personally (not comparable to AMP)
Cisco AMP has a free version for home use called Immunet.
Cisco AMP recommended. Easy deployment, no tweaking required for me. 5000 endpoints. Good visibility.
We are looking at getting Windows Defender ATP.
We're using Windows Defender and manage it through SCCM. It's been OK. It flags our GPO settings as Malware though. Go figure.
We ran Defender demo - pretty cool visibility. Win admins liked it for telemetry. Bonus is the native kernel hooks.
Palo Alto Traps on the endpoints, with IntelliGo on the network, and Palo Alto firewalls on the edge.
Sophos advanced and x-intercept for end-users.
Sophos was in the EPP category but with the purchase of HitMan Pro has sort of entered EDR space as well.
Sophos + HitMan Pro = Intercept-X
Key takeaways from participants
o From an endpoint perspective, while we have stayed with the same layered defense we have always used and the endpoint tools have grown in capability, I think we may be behind the power curve when it comes to endpoint protection.
o Good to know what tools others are using.
o More Cisco AMP users than expected.
o I attended to gather info for our decisions in this area.
o People seem to be relying very heavily on "Tools". Unfortunately there seems to be very little interest in end-user education and involvement. Teaching your end-users not to click on a suspicious link is just as important as packet inspection. The best wall in the world will do nothing if an end-user is unknowingly opening the gate.
o Getting more information on what’s coming in the future and what users think on security.
o Barkly was interesting and something we haven't heard of. Additionally, did not know HitMan Pro was purchased by Sophos.
o Great overview of the top products out there in this area. Thanks.
o Good, this type of forum depends on users' participation so it's on everyone to make it worthwhile.
o Once I saw the types of products that were being referred to, it was obvious our organization is a bit out of step with best practices.
o Really great. Love connecting with peers
For further information on this discussion, see Transcript Endpoint Detection/Prevention & Response
Read more perspectives on this topic: Next Generation Endpoint Protection
See one member’s Endpoint Security