Sophos unveils new version of its Endpoint Detection and Response (EDR) solution
Sophos unveils an update to its Endpoint Detection and Response (EDR) solution, the first solution designed for both security analysts and IT administrators, available with Sophos Intercept X Advanced and Intercept X Advanced for Server with EDR.
Significant enhancements and new features allow security analysts to identify and neutralize insidious threats more quickly and easily, while IT administrators can now proactively maintain the security of IT operations to reduce risk.
As revealed in the Sophos State of Ransomware 2020 study, only 17% of French companies hit by ransomware say they were able to detect and stop the intrusion before files were encrypted. New features in Sophos EDR allow security and IT teams to detect threats and security breaches that would typically take months to discover. Sophos EDR addresses this difficulty by drastically reducing the time it takes to detect signs of a security breach.
Sophos EDR offers exceptional visibility of the entire enterprise IT infrastructure, enabling IT and security managers to quickly answer critical questions about Threat Hunting and IT security operations, and to react easily.
Among the new features:
• Live Discover: Unlike other EDR solutions, which only store data for one or two weeks, Sophos EDR offers 90 days of retention in the base offering. With out-of-the-box SQL queries, administrators can answer questions related to Threat Hunting and IT, building on a library of predefined and fully customized user options. This flexible query engine provides access to some of the most granular and detailed activity records, also enriched with Sophos Deep Learning technology.
• Live Response: allows you to respond to and access devices and servers using a command line interface to thoroughly investigate and resolve problems, easily reboot systems, install and uninstall software, terminate running processes, run scripts, modify configuration files, run analysis tools, isolate machines, etc.
Sophos EDR relies on Sophos's Deep Learning neural network, trained on hundreds of millions of samples to find threat indicators. Security analysts and IT administrators also benefit from on-demand access to threat intelligence from SophosLabs, which monitors, dissects and analyzes over 400,000 malware samples daily.
Available now with Sophos Intercept X Advanced and Intercept X Advanced for Server with EDR at no additional cost, Sophos EDR will be compatible with Windows, macOS and Linux. The new Live Discover and Live Response features are easily managed from the Threat Analysis Center of the Sophos Central cloud platform, for real-time information sharing with the entire suite of Sophos Next-Gen cybersecurity solutions using Sophos' unique approach to synchronized security.
Sophos EDR is associated with Sophos Managed Threat Response (MTR), a 100% managed threat hunting, detection and response service, allowing companies to strengthen their capabilities through human analysis for an even more advanced approach to proactive security protection.