Just curious how other folks out there are managing retrieval of items from quarantine on client machines. I've read about Qextract and SEP Quarantine Tool, but I've never been able to effectively use those to pull a sample from a remote machine. Any suggestions on how to more effectively use those tools is appreciated.
Currently, we still utilize Central Quarantine 3.6. It works most of the time, but I'm well aware that Symantec has stated for years that this product is no longer supported and will not be actively developed. This seems like a huge misstep in my opinion. For an enterprise security team, being able to retrieve samples to perform additional analysis is of utmost importance. Other solutions like Cylance facilitate analysis by making samples retrievable from the console, running strings against them, etc. From what I can see Symantec is failing in this regard.