Team,
I need an API that is accessible for this solution. It doesn't make sense to pay for something that is not an EDR (Sophos Cloud has Intercept X) nor has mobile protection, nor has any enterprise or search functions via Yara, OpenIOC or STIX.
While most of your "home premium" users would not know what this is or even use it, I suspect you do have a backend dev API as clients check into the console. Please publish the basics to use this API, either basic auth or with token and parameters. If not, I would consider Microsoft ATP as it's more robust, works on more devices and frankly - is better at detection of LOTL techniques that are more common today than ever. If you have a good thing going, keep it going - don't let your place fall in the Gartner leader quadrant over such matters. I kid you not, on the business side of things - you lost my Fortune 20 org because there was no proper API TA for Splunk ES nor proper documentation. It was all about "looking forward" and Sophos didn't have it.
So what should the feature request have? (protection for any device, who cares if it is a server OS or not, mobile device or not - iOS or not - get a cert on the device, sign your binary, test it with Xcode and get it in the App Store!) (second, make a basic API for getting device name, device threat, etc).
P.S. Putting FUD out there for Ransomware and so on doesn't make me want to buy the solution. It actually makes me want to share with some "influential online journalists" just how ineffective Premium is. If I have Ransomware, I sure as hell want to be able to contain that endpoint and I definitely need to get memory forensics to reverse the encryption. Try selling that!
This thread was automatically locked due to age.
