I've been asked to review our current endpoint security process for potential improvement and figured I would check here to see what the general opinion is of what is happening here currently.
We use OpenDNS for traffic filtering and Vipre End Point Security for AV.
Windows updates are run regularly; systems are a mix of 7 and 10. This part is a bit more hands-on than I would like.
Installed programs are kept up to date via Vipre. I know there are alternate solutions that may work as well or better, such as PDQ Deploy.
Potential changes are prompted in part by Vipre throwing a number of what appear to be false positives. We see a handful of these now and again and typically few to no actual infections; possibly this is a good sign? There is some concern that things are being missed.
We also use KnowBe4 as an educational tool to reduce problematic user behavior. This seems to have been pretty effective.
I am seriously considering adding software whitelist(s) deployed via GPO to the mix.
Any recommendations for additions, replacements, updates or removal from the toolbox are appreciated. Feel free to request more info if you feel I am missing detail. Thanks!