Tarah WheelerDoes anyone have any decent EDR running on an Apple Neo? Logging? I have a small nonprofit org that wants to roll out a fresh fleet of 15 Neos and the arm64 chip in the Neo isn't the same series as the M. I'm looking for actual A18 Pro / MacBook Neo validation, not "it should work" because I've already got Claude telling me "it shoudl work fine" and that reality is not manifesting for an MSP I know working with this issue.
RossMadness@Tarah I checked Bitdefender Gravityzone and Crowdstrike Falcon (both EDRs I know that have non-profit pricing) and it's not looking good. Both companies official support docs say "M-Series CPUs". Unfortunately I'm seeing a lot of discussion like you are that it "should be fine". Unfortunate.
mobidic@Tarah
For a small nonprofit, I would prefer Intel MacBook or iMac hardware capable of running Ubuntu 22.04 LTS rather than a newer Apple-silicon Mac that depends on vendor-specific macOS security tooling.
I would also avoid deploying EDR by default. Instead, I would focus on teaching users and administrators how threats actually appear at the operating-system level: files, processes, permissions, logs, startup entries, network connections, and package changes.
meadxmoon
@meadxmoon
Sure, this isn’t the 80s or 90s anymore, when most CPU power served useful tasks, tools, or gaming fun. Today, corporations have disempowered users, pushed online storage and tracking-first design, then repeat the surveillance industry’s sales pitch about purchasable “security." and "do not trust anybody and yourself/copy&paste". All big BS - and more big BS.
The only real defense against idiocy and empty slogans is: education, education, education, ...
@Tarah
There is no such thing as a “decent” EDR.
It is often sold through fear. The pitch is usually not education, autonomy, or user competence.
A good security culture teaches people how to recognize risk:
- What suspicious files look like
- How phishing works
- Why permissions matter
- How software gets persistence
- What normal system behavior looks like
- How to check processes, logs, services, startup items, and network activity
- When to stop, ask, and verify
@Tarah yeah… don’t think anyone is supporting A series for macOS, no bux in it 😒 on the plus side, seemingly no malz for it?
@Tarah I think @objective_see is prob the best interim bet
Zimmie@Tarah Sounds like some vendors are reproducing a version of the reason Microsoft skipped Windows 9. “It’s an A-series processor? Must be a phone!”
The chip really is the same series in all the ways which matter. The A18 and the M4 use the same core designs, the M4 just has more RAM channels and potentially some extra ASICs for stuff like media codecs.
Chris
Antwan van Houdt@Tarah I'm not sure if ESETs counts but I can keep an eye on when my company deploys NEOs maybe? Haven't seen them yet though but Ill ask IT
felface
Brian J Best