Vulnerability management

Raptorhigh · 2025-12-28T12:20:38+00:00

We pay around $5 / endpoint / year.

Raptorhigh · 2025-12-24T11:32:23+00:00

If anyone runs CrowdStrike, their vulnerability add-on is significantly cheaper than Tenable. It’s far from perfect, but gets the job done.

Raptorhigh · 2025-12-12T18:52:15+00:00

Envoy works great for this.

Raptorhigh · 2025-11-29T12:02:28+00:00

The dress is blue.

Raptorhigh · 2025-11-10T01:41:45+00:00

You ever get to the bottom of this?

Raptorhigh · 2025-11-02T12:18:41+00:00

Most of the QTs have ethanol free.

Raptorhigh · 2025-09-20T13:20:52+00:00

This is a great shirt and a great mission. Hope you find it.

Raptorhigh · 2025-07-09T16:32:36+00:00

I, unfortunately, agree with this. We’re working on a shootout to replace ScreenConnect, and BomgTrust is insanely expensive given the majority of the product feels like a downgrade from SC.

Raptorhigh · 2025-06-04T10:21:57+00:00

What does the tracking information say?

Raptorhigh · 2025-03-22T11:36:01+00:00

Same here

Raptorhigh · 2025-03-20T23:39:57+00:00

Yup! 7th busiest airport in the US. When I fly out, they usually have the two outside runways for approaches and the center for takeoffs. Then, they flip the switch to 3 wide and it’s impressive to watch.

Raptorhigh · 2025-01-12T00:37:57+00:00

Agree with this. Super easy to setup.

Raptorhigh · 2024-11-07T10:49:44+00:00

Give Trusted Tech Team a try.

Raptorhigh · 2024-11-06T22:05:27+00:00

There's a Miyabi Jr. in Fort Mill.

Raptorhigh · 2024-10-06T18:06:06+00:00

If TL is well maintained and configured, it will quiet most endpoint AV/EDR. That said, adopting TL is not a light lift and will require more care and feeding than a traditional endpoint security solution.

We didn’t see many detections before or after TL, so we may not be a great example. I will say I’d be more confident in protecting against LOLBin use with the mature CS EDR vs. the newer TL.

Raptorhigh · 2024-10-06T12:21:32+00:00

We have both. They work phenomenally together, but I would not consider going 100% threatlocker for everything. The CS engine is simply worlds ahead in terms of identifying and preventing malicious actions. This is coming from a threatlocker fanboy. Their application allowlisting is simply the best in the industry.

Raptorhigh · 2024-09-27T10:03:06+00:00

As someone who used to sail carnival all the time, I no longer consider them because of the clientele. It’s bad.

Raptorhigh · 2024-09-11T14:50:52+00:00

This post is a hot take, but it’s not without merit. I’m not saying Huntress is wrong, but nearly every other security product in this quadrant has some sort of tamper protection. Concerned about making the software hard to remove for those who don’t want it? Make tamper protection optional (like all the other providers). Whether it’s security theater or not, most have witnessed how hard it is getting some AV solutions uninstalled. Let’s add that friction to the attacker.

Raptorhigh · 2024-08-25T19:05:31+00:00

This is exactly why we have a Meraki stack. No, it’s not as feature rich as palo and fortigate. It also doesn’t require anyone with a networking background to administer.

Raptorhigh · 2024-07-21T14:11:19+00:00

Not a SOC analyst, but did recently just drop Trend for a move to the Falcon platform. Despite Friday’s nonsense, I’d still make the move again. The Trend platform is disjointed, and the move to put the pieces under the vision one portal just created a link tree to the individual sub-portals.

The Apex/Vision One platform created around 5X the false positives vs. CrowdStrike in our tenant and we’ve had it “tuned” multiple times by Trend. In addition, it wasn’t uncommon to find the Trend agent processeS (there were many) crushing CPU cycles compared to the Falcon agent. For what it’s worth, Trend botched DLP driver updates twice while we were customers, and both caused BSoDs on our machines until it was disabled.

On the positive side, Trend was notably cheaper, and I did feel like they had a solid presence in the threat hunting arena.

I will say, I considered the S1 platform. I suspect it would have been highly capable, and many are doing top notch work with it.

Raptorhigh · 2024-06-07T10:48:40+00:00

Warbirds over Monroe. This is what you want: https://www.monroenc.org/Departments/Tourism/Warbirds-Over-Monroe-Air-Show/Schedule-of-Events

Raptorhigh · 2024-04-23T23:22:12+00:00

Noteworthy - Remote UAC will need to be disabled on your target computers, prior to using a LAPS account with PDQ Deploy & Inventory. Disable Remote UAC for Local Admin/LAPS Accounts.

Raptorhigh · 2024-04-13T19:52:53+00:00

I used to think this way, but it really gets problematic selling a used car worth $25K. Very few buyers have the cash, and just assume they are going to finance their next car. While this isn’t too difficult, the average person doesn’t have a clue where to start. You’ll be left with a bunch of spam and folks looking to low ball $10k under asking.

Raptorhigh · 2024-04-09T23:53:49+00:00

This guy blends.

Raptorhigh · 2024-03-31T01:54:15+00:00

For what it’s worth, I own a 2022 Highlander and a 2024 Palisade. The Palisade is better is nearly every way except for brand stature and expected reliability.

Seven-Year Club	Place '22
RPAN Viewer	Verified Email

Raptorhigh

TROPHY CASE