Yes, you are offbase. This is a fairly well written article that highlights and summarizes a few of their most recent gaffs. We recently re-evaluated our EDR solution and Microsoft was in the final 3. We didn't move them past the RFI process because of these recent incidents, on top of a very poorly packaged product (Defender). Microsoft has been really pushing the notion they're a security company (and my 401k would love it if that were true), but the sad reality is they continue to fall short in every possible way. I'll likely share this article with my peers when challenged on why we didn't move forward with them in our EDR project.
gjsman-1000|1 year ago
Just the branding - the name and logo is exactly the same as Windows Defender. It even puts an icon in the taskbar tray, resulting in two identical logos for two identically named products that do completely different things.
No idea what they were thinking there. It seems they thought that the separation in consumers’ minds between “Microsoft” and “Windows” was strong, which it absolutely is not.
emsixteen|1 year ago
bombcar|1 year ago
Microsoft branding is so bad.
panzi|1 year ago
csmpltn|1 year ago
I find it odd that you'll reject Microsoft based on "recent incidents", as if security incidents don't happen with the competitors?
lesuorac|1 year ago
And were those incidents detected by the competitor or a client?
> One of the more damaging findings was that Microsoft learned of the attacks only because the State Department had set up an internal alert system after purchasing a G5 license from the company.
Although I mean the lack of on-prem really should be a nonstarter for a lot of large companies. Having a defense in depth where you need to be on the VPN before you can actually authenticate to the services does help. Or in the case of governments; they can run private fiber lines between buildings and then you can't even attack the server from the public web.
0xfae|1 year ago