We were looking for a solution as complete as possible to replace the existing antivirus and, if possible, integrate it with other products that we have, such as the CheckPoint firewall.
We decided to use the Check Point SandBlast agent to prevent ransomware on users' computers.
We subsequently expanded the scope of the solution to detect malicious activity on our network.
It is a very complete product but you have to know how to parameterize it well to avoid high CPU consumption.
It is also missed that it does not have a client for Linux.