Sophos, a global leader in network and endpoint security, announced that it has added Endpoint Detection and Response (EDR) to its Intercept X endpoint protection portfolio. Intercept X Advanced with EDR powered by deep learning technology delivers faster, more extensive malware discovery and is available today through a global early access program. Sophos’ deep learning neural network is trained on hundreds of millions of samples to look for suspicious attributes of malicious code to detect never-before-seen threats. It provides broad, expert analysis of potential attacks by comparing the DNA of suspicious files against the malware samples already categorized in SophosLabs.
Until now, effective investigation and incident response has only been achievable in organizations with a dedicated Security Operations Center (SOC) or specialized IT security team trained to hunt and analyze cyberattacks. With Sophos Intercept X Advanced with EDR, businesses of all sizes and those with limited resources can add threat tracking and SOC-like capabilities to their security defenses, reducing the time criminal hackers can hide in their network.
Sophos demonstrates threat hunting and other features in Intercept X Advanced with EDR in this video, Investigate Cyber Threats: Watch Sophos Endpoint Detection and Response in Action.
With a single click, IT managers have on-demand access to curated intelligence from SophosLabs, guided investigations into suspicious events, and recommended next steps. To maintain full visibility into the threat landscape, SophosLabs tracks, deconstructs and analyzes 400,000 unique and previously unseen malware attacks each day in a constant search for attack novelty and cybercriminal innovation. By providing access to SophosLabs data, IT managers of all skill levels have first-responder forensics at their fingertips to best determine if and what types of attacks are happening.
“’Am I under attack? Where is the attack taking place? How do I react?’ IT managers regularly face these time-sensitive questions, but without a SOC or trained security experts who know how to analyze potential threats, interrupting a cyberattack in real-time is very difficult,” said Dan Schiappa, senior vice president and general manager of products at Sophos. “The sheer volume of malware, frequency of attacks and wide availability of toolkits on the dark web have made EDR capabilities necessary to every business – especially those with limited IT security resources. Sophos is providing the equivalent of a team of global cybersecurity experts and access to the rich knowledgebase SophosLabs has about the reputation of files and other information collected through terabytes of malware analysis. IT managers can now quickly analyze and trace attack pathways without needing to reverse engineer files.”
Once cybercriminals get a foot hold, they use multiple attack methods to escalate privileges and advance step-by-step. With Intercept X Advanced with EDR, IT managers can see if an attacker is moving laterally, and leverage the anti-ransomware and anti-exploit capabilities in Intercept X, the industry’s most sophisticated endpoint prevention solution. Sophos Intercept X with EDR is integrated with Sophos Central, a cloud-based unified console for managing Sophos’ portfolio of products, allowing end users and Managed Security Partners to make decisions based on EDR intelligence from a single pane of glass.
The Intercept X Advanced with EDR Early Access Program is open for general admission. More than 300 organizations have already registered. To join the program and community, please visit www.sophos.com. For for more information on Intercept X, check out this video.