Its prevented the execution of malicious code and saved us from a ransomware incident where one of our know-it-all engineers tried to install his own antivirus he got from God knows where. It scans for out of date software, references the CVE, but not as good as Nessus for giving remediation suggestions. We've used it to lock down USB ports, block bluetooth, look at out of date clients and the last time a computer was logged into and updated fairly easily. I've not had to wipe a computer that was infected with a virus since we installed it. It will also throw a lot of false positives with custom programs it doesn't recognize, or if the developer forgot to use his security certificate when he deployed his or her program. I finally figured out what was happening on the 4th machine I updated that had a PS2 port I could use a keyboard on and to get the code from the S1 console and uninstall S1 without completely rebuilding the PC. That's more the fault of the organization for not making sure PC's were patched. Been using S1 for over a year with only minor issues like 3 years of updates installed at one time will trigger S1 to lock all the com ports on the machine.
0 Comments
Leave a Reply. |