Older SEP versions (pre-14.3) were sometimes criticized for endpoint sluggishness. RU10 prioritizes resource efficiency.
With Microsoft accelerating its hardware architecture changes, RU10 officially adds support for:
The SONAR behavior engine now flags activities mapped directly to MITRE ATT&CK tactics, such as: symantec endpoint protection 14.3 ru10
Admins can generate ATT&CK coverage reports from the SEPM console, aiding SOC audit readiness.
Yes, if:
No, if:
While competitors push cloud-only ML models, SEP 14.3 RU10 continues to refine its SONAR (Symantec Online Network for Advanced Response) engine. Version 14.3 RU10 includes updated behavioral stigmas for ransomware. Older SEP versions (pre-14
In testing, the RU10 SONAR engine showed a marked improvement in detecting "Living off the Land" (LotL) binaries—specifically, malicious use of Powershell and Wmic to perform fileless lateral movement. It doesn't beat CrowdStrike in speed, but for an on-prem agent, it remains surprisingly effective.
You can upgrade directly to RU10 from: