Rob, thanks for adding to the topic. I created the post because limited resources do not permit us to investigate a wide range of solutions, such as testing the conditional usefulness of Webroot versus Trend Micro versus Symantec Endpoint. We are functionally literate with SEP, but other AV vendors may do many more jobs than SEP, as you mentioned. We just happen to have no experience or concentration with those technologies or vendors. Time and money, money and time.
The same thing applies to our EDP/EPP, which was only recently introduced after an incident.
No matter what, our resources will still be finite at the end of the year. I have a scant few months to determine the ongoing value of our EDP/EPP or our SEP antivirus solution, and determine which one "walks the plank" when department spending says we must keep only one.
And of course, if you've a locked-down build with limited use cases, you could look at application whitelisting as an additional defence.