Sophos Product and Services News – September 2023


Discover the latest news from our product team.

Sophos stands tall and unrivalled as the sole security maestro adorned with the prestigious Gartner Customers’ Choice crown for not just one but three paramount categories: Endpoint, Firewall, and MDR! It’s recognition of the hard work you all do day in and day out to deliver superior outcomes and experiences for our customers.

But wait, there’s more! The past weeks have been a whirlwind of innovation and achievement. We have several exciting new releases to share with you, and continued industry recognition for Sophos.

What’s New

AP6 Series Wireless Access Points

Wi-Fi 6 is an industry standard designed to improve wireless security, performance, and overall network experience. Our new, much-anticipated AP6 Series range of access points enables organizations to take advantage of Wi-Fi 6 while providing the flexibility and scalability they need to support their business. With Sophos Central management as standard, it’s now easier than ever for customers to add wireless security to their Sophos security stack. The first orders are already in, and we anticipate high demand for this solution. Learn more.


Sophos Endpoint – New Anti-Exploit Protections

Exploited vulnerabilities were the most common ransomware attack vector in 2022. Sophos Endpoint already provides the most comprehensive exploit protection available with over 60 mitigations enabled. Our two new protections continue to raise the bar:

  • Protect browser cookies used for MFA sign-in (AKA CookieGuard): guards against attackers trying to steal authentication tokens from Chrome or Edge browsers
  • Prevent malicious beacons connecting to command-and-control servers (AKA C2 Interceptor): identifies and blocks beacons that attempt to evade detection by remaining encrypted

All Sophos Endpoint exploit mitigations are enabled by default, with no customer configuration required. Sophos customers automatically benefit from these enhancements to their defenses.


Sophos Endpoint – Comparison Scores for the Account Health Check

The Account Health Check capability makes it easy for Sophos Endpoint and Server users to optimize their security posture and has already proved hugely popular. We continue to extend this feature, and customers can now compare their own health scores with the average scores of other organizations with a similar number of devices, providing context and motivation for improvement.

In the example below, the customer has an overall score of 49, which is well below the average score of 97. Customers can also compare each of the individual health check scores (e.g., protection installed, policies) to identify where to focus. The drop-down on the right enables users to select their desired comparison cohort.


Sophos Endpoint: Critical Attack Warning

We continue to build out advanced protection. Earlier this year we started to market Adaptive Attack Protection, which automatically deploys an elevated level of protection if adversary activity is detected on a particular device. We continue to extend our context-sensitive defenses with our new Critical Attack Warning capability, which will deploy if adversary activity is detected across multiple devices together with additional high-impact indicators.

Critical Attack Warning will be available to all Intercept X Advanced and XDR customers from early September.

When the Critical Attack Warning threshold is met, an email will be sent to all admins in that Sophos Central account, informing them of the situation and providing attack context and details. The customer can respond themselves using Sophos XDR, seek assistance from their partner, or engage the Sophos Incident Response team.


Sophos XDR: NDR Early Access Program

Network Detection and Response (NDR) solutions continuously monitor activity inside the network to detect suspicious activities occurring between devices which may be indicative of attacker activity. It’s an increasingly important part of a security stack because, while advanced attackers are skilled at evading detection and will even delete evidence of their presence, they still need to move across the network to carry out an attack.

Sophos NDR has been a highly popular integration for Sophos MDR since its launch last November, and we’re now bringing it to Sophos XDR. The Early Access Program is now open, enabling all XDR customers to try it for free with GA targeted for November.


Sophos XDR Threat Analysis Center Dashboard

The new Sophos XDR Threat Analysis Center Dashboard makes it easier to quickly access actionable data in order to accelerate threat detection, investigation, and response.

All Sophos XDR customers benefit from seven new visualizations (widgets) plus multiple widget views and the ability to interact with each widget in multiple ways to get the deep insights they need. Read the documentation to learn more.


Sophos XDR: Detections UX Early Access Program

The new Detections User Experience (UX) is designed to facilitate and accelerate investigation of suspicious alerts, enabling operators to quickly identify malicious activities. It provides a clear view of the most important data for each detection, as well as access to actions that increase investigation efficiencies including pivots and Live Discover queries. The Raw Data tab provides all the telemetry that makes up the detection, which is useful during the more in-depth phase of an investigation. Learn more and join the Early Access Program.


Coming Soon: Critical Attack Warning in Sophos Central

Adaptive Attack Protection came to Sophos Endpoint earlier this year, automatically deploying an elevated level of protection if adversary activity is detected on a particular device. Coming soon, the new Critical Attack Warning extends Sophos Endpoint’s context-sensitive defenses with an estate-wide approach that alerts if adversary activity is detected across multiple devices in the customer’s environment.

When the Critical Attack Warning threshold is met, an alert will be sent to all admins in the Sophos Central account to inform them of the situation and provide attack context and details. Customers can respond themselves using Sophos XDR, seek assistance from their partner, or engage the Sophos Incident Response team, all from within Sophos Central.

We’re planning to make Critical Attack Warning available to all customers running Sophos Intercept X Advanced and Sophos XDR via a staged roll-out, due to begin later this month.


Sophos Central Turns Ten!

July 29, 2023, marked the tenth birthday of Sophos Central, the world’s most trusted cybersecurity platform. Over the last decade, Sophos Central has grown from supporting Sophos Endpoint and Server solutions for customers in the U.S. and UK, to the global management platform for all Sophos’ next-gen security services and products. It’s a tremendous achievement and we look forward to delivering further leaps forward in usability, capability and function in the year ahead. Learn more.


Sophos Endpoint – Achieving Citrix Ready Verification

The Citrix Ready Program helps software and hardware providers develop and integrate their products with Citrix technology. Sophos Endpoint has now achieved Citrix Ready verification, ensuring it can be deployed and provide protection to virtual machines running on the Citrix Virtual Apps and Desktop software, as well as their Desktop as a Service (DaaS) offering. Learn more.


Sophos Firewall v19.5 MR3

Extending the protection and performance delivered by Sophos Firewall, our latest maintenance release (v19.5 MR3) includes more than 65 functionality, reliability, stability, and security enhancements. Plus, it sets up customers to be able to take advantage of our upcoming Sophos ZTNA Gateway integration that will make ZTNA deployments easier than ever. Learn more.


Central Firewall Management Updates

In the first of a series of updates to improve firewall alerting for partners and customers, we’ve reduced the volume of alerts by suppressing repetitive alerts. Soon we’ll be adding tools to enable users to adjust suppressions per alert, automatic closing of resolved alerts, and improvements to alert contents. We’ve also enabled partners to connect directly from the Partner Dashboard into the management web interface of any of their customers’ firewalls, simplifying and streamlining day-to-day management while adding a few cosmetic and functionality improvements on the way.


Sophos Cloud Native Security – Serverless Storage Protection for Amazon S3

The new Serverless Storage Protection in Sophos Cloud Optix scans files stored in the Amazon Simple Storage Service (S3) for threats, detecting malware in all file types, including executables, media, documents, and more. Should a threat be detected, an alert is raised – enabling admins to quickly address the issue. Admins can also configure automatic remediation actions to delete or quarantine a malicious file if they prefer. Online help.


2023 Active Adversary Report for Tech Leaders

Sophos X-Ops has published their 2023 Active Adversary Report for Tech Leaders, sharing insights and learnings from incidents that Sophos Rapid Response was brought in to remediate in the first half of calendar year 2023. It is a great resource to showcase Sophos’ cybersecurity and IR expertise, and to demonstrate the need for 24/7 expert-led threat detection and response. Read the report.

Awards & Recognition

Sophos Named Gartner® Customers’ Choice for MDR

Sophos MDR has been named Gartner® Customers’ Choice in their first ever “Voice of the Customer” report for the managed detection and response services category. Sophos earned a 97% “Willingness to Recommend” score—no other service provider scored higher—and had more customer reviews than the other three Customers’ Choice providers combined.

Sophos is the only vendor in the world to have earned Gartner Customers’ Choice for Managed Detection and Response Services, Endpoint Protection Platforms, and Network Firewalls. Learn more.


Sophos Endpoint Gains 100% Total Protection Score and Two AAA Awards from SE Labs

Sophos Endpoint continued its winning streak with a 100% Total Protection score and both Enterprise and Small Business AAA awards in SE Labs’ Q2 (April to June) 2023 Endpoint Protection report. Sophos detected and stopped commodity, real-world cyberattacks and simulated targeted attacks with 100% accuracy. Unlike our primary competitors, this is the third report in a row in which Sophos has received an AAA rating and a 100% Total Protection score.


Sophos XDR Named a Leader in Frost & Sullivan’s New XDR Radar Report

Frost & Sullivan has published its inaugural XDR vendor comparison report, naming Sophos as one of their 17 shortlisted XDR vendors out of the 70 or so they track globally. In the report they affirm our strategy: “Sophos’s effort to move away from mostly native integrations to hybrid XDR over the years has been the right path. Third-party integration brings flexibility, especially for Sophos’s target market of smaller, less mature businesses that want to take advantage of their existing security stacks.”