Carbon Black App Control is an application control product, used to lock down servers and critical systems, prevent unwanted changes and ensure continuous compliance with regulatory mandates.
N/A
Trend Vision One Email and Collaboration Security
Score 9.3 out of 10
N/A
The Trend Vision One Email and Collaboration Security application secures Microsoft Office 365 and other cloud storage applications.
Cb Protect is best suited somewhere where you want to maximize the lockdown of workstations. So moving past no local admin rights to blocking specific applications and peripherals. The idea would be to have a list of applications you want to run, and then anything else is not able to be used. As stated prior, if you have a very fluid environment where you are having all sorts of new applications installed frequently (I feel for you!!) this is still do-able, but it misses the general idea. I think especially in environments that are more sensitive to new applications, like banks, healthcare systems etc, this is a good fit. The ability to look at application levels, drift, unapproved software etc is very useful.
The product works great when I have to quarantine a mass email attack. Seems students are always susceptible to email base attacks, we are no different, but when one occurs on a mass email basis I can very easy and quickly block/quarantine those emails either by sender, domain, or URL or all three if need be. We have played with the data loss component but it is hard to do anything but "monitor" because there are way too many false positives. Such as with SSNs and bank routing numbers, but I figure any solution provider would experience the same problem. However, even with monitor and notification only, it is useful to make our users aware they are potentially sending personal information.
Wish I could customize the notification emails more, like including html code to personalize and highlight messages that my end users see when an item is flagged.
Wish there was a word or phrase component to block/flag emails as I can with files, links, senders and domains.
Automation of the BEC list would be a plus...such as pulling in an OU or security group so that I do not have to do manually perform this task.
We have multiple TrendMicro products. Thus it would be nice to have one dash board to "see" or login at least for ApexOne, CAS, etc.
Only a 9 if the product become completely unaffordable. Covid-19 has adversely affected Higher Ed budgets, if that should happen I would lobby hard to find cuts elsewhere...TrendMicro CAS is a necessary tool for any business to have!
Once Cloud App Security is up and running there is no need to do anything additional. The program will begin protecting all the environment immediately and end results are proven. All notifications come to the administrator email to verify and mitigate a response and check the endpoint if necessary. Very easy to use.
Trend Micro Cloud App Security’s support has been highly competent and thorough when we have needed their assistance. Their support has been quickly dispatched, both through telephone and Email, while answer our questions and providing the “inside baseball” answers we have wanted when discussing the why and how of certain issues. When it came to implementation, their support sat through us as we deployed agents and took us on an adventure few implementations have.
The big difference between Protect and Barkly/AMP is how exactly it goes about what it's doing. Protect is application whitelisting and program reputation. So the way it's protecting you is using a proprietary reputation service, and hash values to identify applications, and then hitting a list of whitelisted programs to decide if you are able to run that or not, based on the policy you are in. There is a LOT of value in that. We actually are working on transitioning to Cisco Advanced Malware Protection (AMP). The main reason is cost (about the same cost as Cb Protect, but with (most of) the featureset of all 3 Carbon Black products for less than 1/3 of the total spend. AMP works differently, looking at a reputation service powered by Cisco's Talos cloud. You don't really have application whitelisting, but that also reduces how many "requests" you get for applications. So I'll have to find a different way to do whitelisting and USB blocking and the like, but I'm getting more visibility across my network and also built in antivirus (TETRA engine - ClamAV with some work). Barkly is an add that we are looking to put in as it looks at behavior of programs. So specifically it watches for privilege elevation and the like. Thus far all the big name problem children (WannaCry, other ransomware problems) have been caught natively in Barkly day 0.
To date we had only utilized Symantec Small Business Suite for all of our antivirus needs. We had only moved to the cloud environment during the summer of 2020, and after doing so I'm not sure that I would ever change from Trend Micro Cloud App Security. The cost and features all are a great fit for the small to medium-sized business such as ours.
CAS gives us peace of mind knowing the file systems we rely on in the cloud are protected the same way they would be if they were sitting in our office. This leads to a reduced risk of downtime that could otherwise limit us from being able to properly support our customers.
