Yeah, you're both on Windows 10. I didn't know WHY SEP was sill working for you, but after weeks of unyielding turmoil, I found out the hard way. The TLS bug was supposed to have been fixed years ago, but using the options to enable didn't work by itself, which still doesn't make sense. It should not take a manual RegEdit to do something that is readily accessible in Control Panel.
Incident Response Risk Assessment Spyware Found a string that may be used as part of an injection method Persistence Modifies System Certificates Settings Writes data to a remote process Fingerprint Queries kernel debugger information Queries process information Queries sensitive IE security settings Queries the display settings of system associated file extensions Evasive Marks file for deletion Possibly checks for the presence of a forensics/monitoring tool Writes archive files MITRE ATT&CK™ Techniques Detection We found MITRE ATT&CK™ data in 2 reports, on average each report has 313 mapped indicators.
It'll be officially released this October, and you'll be able to see it on the official website then.
I'd be interested in knowing what other products might replace SEP. I've been looking at AVG (free version), and haven't tested any others.
Although Broadcom emphasises the many benefits of SESA, it increases maintenance costs for customers, particularly large enterprises. IT admins might not distribute SESA to their managed end devices,continuing to use SEP14 RU10 until the licence expires.
In short, it seems likely that unmanaged clients will no longer be supported from Windows 11 25H2 onwards. Since Microsoft Defense is installed as standard, I think I'll stop being so hung up on SEP.