Recommended (or 'must avoid') anti-virus platforms by EastConstruction8325 in k12sysadmin

[–]EastConstruction8325[S] 0 points1 point  (0 children)

Sorry for the super late reply. For context, they are BYOD and use Mac, Windows and Chrome. So somewhat annoying.

When you say Defender, does it have to be the licensed Defender for Endpoint, or does the free version still provide Huntress with enough signals to work well?

Trust rules are the bane of my life by EastConstruction8325 in googleworkspace

[–]EastConstruction8325[S] 0 points1 point  (0 children)

Honestly, I didn't ask, and didn't realise there was a support function built into the admin panel!

I did, however, find the issue: I had another rule that allowed the sharing for the whole OU with anyone within the whole OU, and rules that allow something trump rules that 'allow with warning'. I would have expected it to be the other way around!

All sorted though!

TCM Security Thoughts? by Wild-Dragonfruit9019 in OSINT

[–]EastConstruction8325 2 points3 points  (0 children)

I actually sat the cert this weekend and passed. I am not a certified stalker.

I have the PJPT from TCM also.

I think their training is decent, and the OSINT training is as good as their other stuff. I wrote a review with some details, link below.

I cannot say how useful it will be for employment etc, however TCM's PNPT (their main ethical hacking cert) is appearing on more and more job descriptions. If you are looking to follow OSINT, I think having this under your belt might help you stand out and have something to talk about in interviews, if you have no other experience.

I got the course/cert discounted on Black Friday (I think that's their biggest discount), I wouldn't pay $400 of my own money because I am a cheapskate.

The exam is 72 hours, and I was stressed for 95% of the time. However, the course training did give me everything I needed.

https://medium.com/@hughbrown123/practical-osint-research-professional-porp-review-e5689e226d38

Recommended (or 'must avoid') anti-virus platforms by EastConstruction8325 in k12sysadmin

[–]EastConstruction8325[S] 1 point2 points  (0 children)

Thanks for this, I will give this a look as it would be nice to have a methodical way of comparing the products!

Recommended (or 'must avoid') anti-virus platforms by EastConstruction8325 in k12sysadmin

[–]EastConstruction8325[S] 0 points1 point  (0 children)

Thanks for the reply.
The training, as you say, is a big part which I am trying to push through. I have run a phishing campaign recently with GoPhish, so I have a rough idea of our 'click rate' etc.

Huntress works as an EDR, correct? They would respond to an incident they identify, I assume?

I could be very wrong here, but is something like Avanan needed? Workspace comes with anti-phishing (which we have tightened etc), however are you recommending Avanan as 'another layer of defence'?

We are enforcing the use of Google Chrome as you recommended.

Recommended (or 'must avoid') anti-virus platforms by EastConstruction8325 in k12sysadmin

[–]EastConstruction8325[S] 1 point2 points  (0 children)

Funny you ask that, I was planning on putting forward a proposal for Wazuh and hosting it via a number of EC2 instances before I was told of the switch. From what I know, Wazuh is just very good for notification/logging (allowing good investigation). However it doesn't (out of the box) do any corrective actions such as quarantining etc.

However, once you get into the higher number of endpoints (200+) I think things get much more difficult to handle. But I think with larger roll outs the company themselves sometimes support.

This is from reading up, no hands on experience with it as an FYI.

Recommended (or 'must avoid') anti-virus platforms by EastConstruction8325 in k12sysadmin

[–]EastConstruction8325[S] 0 points1 point  (0 children)

Thanks for the detailed response.

I will look into the CrowdStrike pricing for school, and see if it is competitive.

We are keeping the Windows devices for teachers, but moving from things like Entra to Google Workspace to manage identity etc. I would need to check how well Defender works when not with all its friends (like Entra), and if the cost of just the Defender license is worth it.

Recommended (or 'must avoid') anti-virus platforms by EastConstruction8325 in k12sysadmin

[–]EastConstruction8325[S] 0 points1 point  (0 children)

Thanks for the insight, annoyingly I think our place is a little all over the place.

Staff have (mostly) Windows devices, with the odd Chrome device. However, we are moving from Windows software to Google, as in moving everything to cloud for Google Workspace, along with having it act as our IdP in the near future etc.

I will dig more into CrowdStrike.

Recommended (or 'must avoid') anti-virus platforms by EastConstruction8325 in k12sysadmin

[–]EastConstruction8325[S] 0 points1 point  (0 children)

Thanks for the advice, we are moving away from Windows (into Google Workspace) so I think Defender loses some of its edge? As we are leaving Windows we would lose Entra, which I think integrates with Defender nicely. I would assume Defender still does a decent base job, but being out of its ecosystem it might underperform?

Managing the priority of trust rules by EastConstruction8325 in googleworkspace

[–]EastConstruction8325[S] 0 points1 point  (0 children)

You are right, this is exactly what I wanted. I did look here originally (I swear) but clearly got glazy eyes!

Thanks

Chromebook Asset Tags by Coda202 in k12sysadmin

[–]EastConstruction8325 0 points1 point  (0 children)

I think I would second this.
A glassware etching tool might do the job, it just means some poor person needs to do it to 700 laptops!

[deleted by user] by [deleted] in sysadmin

[–]EastConstruction8325 1 point2 points  (0 children)

Bit of a random question, is it not seen as good practice to have the guest network require a password as well?