
Evaluating Sandstorm

I'm trying to decide whether to license Sandstorm. Over 15 days and 80 users, Sandstorm has evaluated 158 files over the web, and found nothing of interest in any of them. Many of those 158 appear to be users repeatedly trying to download the same file because they don't read the SOPHOS message displayed on screen, so I'd say it's more like 60 events. Almost all of them were PDF files.

This is not a lot of action for what will cost about US$3,500 a year. 

Of course, having that one bad file blocked could easily be worth $3,500, but I'm not sure that I'll ever see it, if I'm blocking dangerous MIME types and employing AppLocker to prevent execution of anything that does get through.

Does anyone have a Sandstorm story that could make my decision easier? Or is Sandstorm like a sixth finger, i.e. interesting but not necessarily useful?



This thread was automatically locked due to age.
  • Hi,

    Sandstorm doesn't recognize Loky zip files.

    A few days ago an e-mail with a suspicious zip file passed the Sophos without sandboxing. Sandstorm had to pick it up, analyse it and then block it, but nothing happened.

    Moral of this story:

    Loky infected the customer network, tada -.-

    I would wait until Sandstorm is sophisticated.
