Sophos expands endpoint protection capabilities
Endpoint detection and response services added to Intercept X
Sophos has added endpoint detection and response (EDR) to its endpoint protection solution.
Intercept X with EDR will use Sophos' deep learning neural network to detect suspicious attributes in malicious code and so catch previously undetected threats. The solution will provide organisations with broad, expert analysis of potential attacks by comparing the DNA of suspicious files against the malware samples already categorized in SophosLabs, enabling them to identify and respond to suspicious threats more quickly.
Sophos says that the new solutions will give businesses of all sizes the sort of advanced threat investigation and tracking that was previously possible only with a dedicated Security Operations Center (SOC) or specialized IT security team.
With a single click, IT managers have on-demand access to curated intelligence from SophosLabs, guided investigations into suspicious events, and recommended next steps. To maintain full visibility into the threat landscape, SophosLabs tracks, deconstructs and analyzes 400,000 unique and previously unseen malware attacks each day in a constant search for attack novelty and cybercriminal innovation. With access to SophosLabs data, IT managers of all skill levels have first-responder forensics at their fingertips to determine whether attacks are happening and, if so, of what type.
Dan Schiappa, senior vice president and general manager of products at Sophos, said that IT managers regularly need to answer time-sensitive questions about an attack, but lack the ability to properly analyse possible threats.
"The sheer volume of malware, frequency of attacks and wide availability of toolkits on the dark web have made EDR capabilities necessary to every business - especially those with limited IT security resources. Sophos is providing the equivalent of a team of global cybersecurity experts and access to the rich knowledgebase SophosLabs has about the reputation of files and other information collected through terabytes of malware analysis. IT managers can now quickly analyze and trace attack pathways without needing to reverse engineer files."
With Intercept X Advanced with EDR, IT managers can see if an attacker is moving laterally, and leverage the anti-ransomware and anti-exploit capabilities in Intercept X, the industry's most sophisticated endpoint prevention solution. Sophos Intercept X with EDR is integrated with Sophos Central, a cloud-based unified console for managing Sophos' portfolio of products, allowing end users and Managed Security Partners to make decisions based on EDR intelligence from a single pane of glass.