We have been using Mcafee endpoint protection as a traditional AV, and Sophos intercept x as an additional layer for antiransomware, but we want to redesign our strategy focusing in provide next gen capabilities, probably with EDR if our budget is enough. Also we have to buy Forticlient for VPN management and it includes a signature based AV.
There are many options in the market and I have seen approaches based in multivendor layers, for example Ms Defender + Carbonblack.
The questions are,
-do you recommend multivendor and multilayer, or just one vendor with an advanced endpoint with EDR should be enough?
– is Sophos Intercept a good solution enough by itself?
– maybe Sophos+forticlient could be a good combination to maximize our budget, but are them good in terms of real protection?