Enhancing EDR in the Cloud


We are excited to announce that Intercept X for Server Advanced with EDR has been enhanced with powerful cloud visibility features from Cloud Optix.


In addition to even more detail on AWS, Azure and GCP cloud workloads, this integration gives Sophos partners and customers critical insight into their wider cloud environment including security groups, hosts, shared storage, databases, serverless, containers and more.

See complete cloud environments

The accessibility of the public cloud is a double-edged sword: while it enables teams to spin up new resources in minutes, it also makes it hard for IT and Operations teams to keep track of everything running that needs to be secured.

With Sophos it’s now easy. With Server EDR you now get details of your entire cloud infrastructure across different public cloud providers on one screen, in a single management console. You can dive directly into assets to get more detail on asset inventory and cloud security posture.

Secure your complete cloud environment

Automated scans will detect any insecure deployments, with guided recommendations on how to fix potential issues. Additionally, guardrails can be deployed to lock down configurations, ensuring that they can’t be accidentally or maliciously tampered with and left in an unsafe state.

AI tracks normal behavior patterns, looking for any suspicious activity such as anomalous traffic patterns or unusual login attempts to cloud accounts. Issues are flagged and prioritized by risk level if they require manual intervention.


Here’s the full list of what’s available:

  • Cloud asset inventory – see a detailed inventory of your entire cloud infrastructure (e.g. cloud hosts, serverless functions, S3 buckets, databases and cloud workloads), eliminating the need for time-consuming manual collation
  • Access and traffic anomaly detection – unusual login attempts and suspicious traffic patterns are automatically detected and blocked or flagged to the admin as appropriate
  • Security scans – daily and on-demand scans monitor your cloud environment to ensure its on-going security. Issues are automatically resolved where possible, with admin notification if manual intervention is required
  • Configuration guardrails – stop accidental or malicious tampering with configurations that could negatively impact security posture
  • Compliance policies – ensure that your cloud environment conforms to Center for Internet Security (CIS) best practices, helping keep your security posture at its best
  • Alert management integrations – receive email notifications when manual intervention is required

 

Powerful cloud visibility at no extra cost

This exciting new cloud functionality is available to all Intercept X Advanced for Server with EDR customers at no additional cost. The following three term license types will all benefit from this boost!

  • Intercept X for Server Advanced with EDR (SVRCIXAEDR)
  • Intercept X for Server Advanced with MTR Standard (SVRCIXAMTR-STD)
  • Intercept X for Server Advanced with MTR Advanced (SVRCIXAMTR-ADV)

Activation of the Cloud Optix capabilities is extremely intuitive for Sophos Central customers. Best of all – no additional license key will be required for activation. Cloud Optix menu links will be displayed automatically in the Central Admin console for customers with eligible licenses and navigating to Cloud Optix will present the “Cloud Optix for EDR” feature-set.

Customers can log in to the Sophos Central console, select Cloud Optix and get started right away.

Current Sophos Central customers who would like to try out this new functionality, in addition to the recently released EDR IT operations and threat hunting capabilities, can start a trial from within the Sophos Central console.

If you don’t have a Sophos Central account you can register for a trial on Sophos.com.

 

Intercept X Advanced for Server with EDR and Intercept X Advanced with EDR give organizations unparalleled visibility and protection across their cloud, on-premises and virtual estates.

Cloud Optix shines a spotlight on complete cloud environments, showing what’s there, what needs securing and making sure that everything stays safe and secure.

To learn more about this exciting addition, download the What’s New guide.

 


Please note: Some links above require access to the Sophos Partner Portal which is available for Sophos partners only. If you are a registered partner and have trouble logging in, please open a case on www.sophos.com/support.

In some cases, if you are not logged in, the direct links given may not work. If so, verify you are logged in to the Partner Portal and then click the link again to view the desired page.