You can use Defender (windows builtin) and just use Xcitium Containment profile and EDR. That removes the Antivirus use (not the security client).
We did this with multiple Servers in the past which were running out of RAM and we thought it was Xcitium. We worked with there team for months and one night I went ahead and reviewed it myself and solved the issue. Defender is never turned off as such as Microsoft wants it to be ready to respond if you remove your 3rd party AV. With that being said the Defender Malware module on Windows Server 2019 was kicking in and eating all the RAM. Issues turned out to be in the task menu that runs that module was set to high priority giving it access to 100% of the resources, just set it to low or off (don’t rember off the top of my head). We realized it when Xcitium AV was off of the server and Defender kept doing the same thing.
With this you can still try and add value to your customer using Defender.
Can we also get to control the following setting? This setting also slows down the PC a lot as it continuously scans the network SMB operations. As of now we can only disable it by going to each and every device but that is not possible for us. I created a ticket and I was told that in future release it will be taken care of.
I kindly request you to follow the suggestion provided by the team. Please do reach back to us in case if you face same issue and able to collect memory dump.
but we need to test it
