Sophos Product and Services News – May 2023


Discover the latest news from our product team, including Sophos Adaptive Attack Protection, new MDR third-party integrations, cyber insurance partnerships, and more.

At the start of this new fiscal year I am excited by the opportunities ahead of us. We have without doubt a strong portfolio of cybersecurity services and products, and it’s only getting stronger. Take a moment to check out our latest product releases, services news, and awards.

What’s New in Protection

Sophos Adaptive Attack Protection

We’ve recently added the ability for Sophos Endpoint to dynamically apply aggressive protection when a human-led attack is detected. This is a game-changing capability that buys customers valuable time to neutralize active adversaries before damage is done. Interest in Adaptive Attack Protection is high, and we’ve created a short overview video to explain how it works.


Sophos Firewall Sees Security and Other Enhancements

We are implementing two security enhancements that help harden your customers’ firewalls and follow industry best practices for protecting them from attacks. These changes affect Web Admin and User Portal access from the WAN. Plus, the latest maintenance release for SFOS v19.5 MR2 includes a few other enhancements for dynamic routing and SD-RED.



Enterprise Software Management Enhancements to Sophos Endpoint and Server Protection

We’ve recently introduced new alerts to notify Sophos Endpoint and Sophos Server customers of the availability of Fixed Term Packages. Plus, we’ve added the ability to isolate macOS devices from the network when investigating potential threats.


Sophos ZTNA with XDR Query Packs

We are expanding Sophos XDR and Sophos MDR investigations with Sophos ZTNA. Sophos XDR will provide the ability to investigate Sophos ZTNA user behavior and application activity, making it easier for investigators to understand the context and scope of user activity in an investigation.



Sophos Switch Enhancements

Sophos Switch is making it easier to interoperate in complex Layer 2 environments by adding MAC authentication bypass (host, port, and hybrid), custom HTTPS certificate management, and SSH cipher improvements.

In parallel, we are integrating the Switch Support and Services subscription in Sophos Central, and you may need to adjust your customers’ support cover within the next three months to maintain their current functionality.



Cloud Optix Enhancements for Microsoft Azure

  • Cloud activity anomaly detection and reporting. Previously only available for AWS, this feature enables customers to quickly see behavior that deviates from normal, for example when a user performs new or riskier actions, or completes actions outside of their normal working hours.
  • New security assessment rules. Thirty new security rules have been added for Azure environments as part of a new policy template, CIS Benchmark for Azure Foundations v1.5.0.


Enhancements in Sophos Email

  • Data control policies now allow for the inspection and modification of email headers. This enables increased security of email content, attachments, and intellectual property by allowing email administrators to add policy rules based on email headers. For instance, you could prevent emails that are marked confidential from being sent outside the organization unless they are encrypted.
  • Quarantine enhancements allow advanced search of messages, list all URLs in a message, and give options to block the sender’s address, domain, or IP address.
  • Compromised account detection analyses email traffic patterns to detect mailboxes that are likely to be controlled by bad actors to send unwanted emails.

Please also take a look at the latest TechVids for Sophos Email.

What’s New in Managed Detection and Response

Additional Sophos MDR Third-Party Integrations

Uniquely, Sophos MDR meets customers where they are, using telemetry from both Sophos and third-party security technologies to detect, investigate, and respond to threats. We continue to extend our third-party integrations and have recently added CrowdStrike, Cylance, Symantec, and WatchGuard to our fast-growing list – with more coming later this quarter.



Enhanced Sophos XDR Search Experience

We’ve just entered the Early Access Program (EAP) for a new search experience that makes it easier for analysts to investigate and hunt threats on the endpoint. It includes a new Search functionality that is more straightforward and less verbose than SQL. We have also begun to standardize field names into a common taxonomy, starting with Sophos Endpoint data stored in the Sophos Data Lake.



Sophos Cyber Insurance Partnerships

Cybersecurity has a direct relationship with cyber insurance, and Sophos recently entered into business partnerships with Cowbell and Measured Analytics and Insurance, two U.S.-based cyber insurance providers.

Cowbell, a specialist SMB cyber insurance provider in the U.S., allows Sophos customers to enjoy streamlined access to cyber insurance coverage as well as the ability to opt in to sharing their endpoint health security data in order to optimize their insurance provision.

The partnership with Measured Analytics and Insurance, the AI-powered cyber insurance provider, unlocks Measured insurance premium savings for Sophos’s U.S.-based customers in recognition of their strong cyber defenses.


NDR and Log Collector Deployment Option for Microsoft Hyper-V

The Sophos NDR sensor and log collectors are now fully supported for deployment on Microsoft Hyper-V. As part of our Early Access Program, we found that over 20% of our NDR customers opted to use Hyper-V for deployment.

For more details, please visit the NDR community forum.


Recognition and Awards

G2 Names Sophos a Leader for Endpoint Protection, EDR, XDR, Firewall, and MDR

G2, the world’s largest software marketplace and peer-review platform, just released their Spring* 2023 Reports, with Sophos the only cybersecurity provider named a Leader across the G2 Grid® Reports for:

  • Endpoint Protection Suites
  • Endpoint Detection and Response (EDR)
  • Extended Detection and Response (XDR)
  • Firewall Software
  • Managed Detection and Response (MDR)

Additionally, G2 users rated Sophos the #1 overall XDR and Firewall solutions.

These independent, verified customer ratings are a testament to the unparalleled security outcomes that Sophos delivers to organizations around the globe.



Please note that Sophos is not a licensed insurance producer and does not sell, solicit or negotiate insurance products. By providing access to any third-party websites, Sophos is not recommending or endorsing any such third parties, or any products or services offered by such third parties. To the extent you access a third-party website from a Sophos website, please be advised that Sophos does not investigate, monitor, or check any third-party websites, or the content of such websites, for accuracy, appropriateness, or completeness, and you are solely responsible for your interactions with such third parties.