I understand your preference. I have two questions:
1) Do you think that an organization should have no protections in place?
2) Why not just work from the machine they provided you, and do everything else on a personal machine?
I assume from your rhetorical question that you don't. I personally don't know enough about it to say whether it does or not - but, I will make what I believe is a reasonable assumption and say that all else being equal, yes, a fleet of machines with a EDR sensor installed is more "protected" than a fleet without.
If you have a point to make, why not just say what you are trying to say; it will be more effective discourse. I am genuinely curious.
They key to tools like crowdstrike is not so much protection, and being able to trace an attack through the infrastructure. They can see that your credentials were comprimised on your machine, and which systems you then connected to (or that bad process did) so they can trace the attack and make sure get it all cleaned up.
hulitu|1 year ago
Do you think Crowdstrike offers protection ?
wcski|1 year ago
If you have a point to make, why not just say what you are trying to say; it will be more effective discourse. I am genuinely curious.
briffle|1 year ago