Sophos Product and Services News – October 2023


Discover the latest news from our product team.

Our product and service delivery keeps getting stronger and stronger. We continue to innovate and lead the market with our technologies and cross-product integrations. The analyst community agrees; September has brought another raft of awards and recognition for the superior outcomes we deliver to over 560,000 customers around the globe.

Watch this 04:20 minute video for a quick overview of the new capabilities and offerings we launched in Q2, and read on below for further details of our most recent releases.


Critical Attack Warning in Sophos Endpoint

Context-sensitive defenses that automatically respond to adversary behaviors are one of the (many) innovative and unique layers of protection in Sophos Endpoint. Critical Attack Warning is the newest addition to our context-sensitive defenses, automatically alerting customers to estate-wide attacks that require immediate incident response. It’s currently being rolled out to customers running Sophos Intercept X Advanced and Sophos XDR, as well as new customers. (It won’t be displayed to Sophos MDR customers, as the MDR team will have identified and resolved the threat before it gets to this stage.) Learn more.


Sophos Firewall v20 Early Access Program

Sophos Firewall v20 is now available for all customers and partners to kick the tires during the early access program (EAP). As with every firewall release, v20 packs a lot of fantastic new features, including our new Active Threat Response capability that integrates Sophos Firewall with Sophos MDR (and soon Sophos XDR) to provide automatic response to threats without the need to create firewall rules. Learn more.


Sophos ZTNA on Sophos Firewall Early Access Program

Sophos Firewall and Sophos ZTNA are two cornerstones of our network security stack. This new integration brings them even closer together by enabling customers to take advantage of a new integrated ZTNA gateway in their Sophos Firewall. With this new integration it’s now easier than ever for Sophos Firewall customers to enable secure access to applications, systems, and data behind the firewall. Learn more.


Sophos Firewall and Generative AI Policy Enforcement

Generative AI has been the subject of a lot of buzz recently, with good reason – it presents both an enormous opportunity and potential risks. Many organizations are looking to get better insights into generative AI application usage in their business and formulate acceptable use policies. To that end, we’ve recently added a full suite of generative AI application identification, reporting, and control capabilities to Sophos Firewall that provides organizations with full control to block, accelerate, or simply monitor generative AI use on their networks. Learn more.


Sophos Incident Response Services Retainer

Our new Sophos Incident Response Services Retainer gives organizations the peace of mind that they have a highly experienced team of incident response analysts on standby to get them operational as quickly as possible in the event of a breach.

It is available to anyone* and is particularly suitable for organizations running Sophos Endpoint or Sophos MDR Essentials (*unless already running MDR Complete, which includes full IR as standard). Learn more.


Sophos Central New Primary Navigation and Sophos Assistant

Last month we made a major update to the navigation within Central, moving from left navigation to top navigation. Customers and partners can currently choose between the two navigation approaches although eventually everyone will be moved to the top navigation.

The new navigation provides more screen real estate for day-to-day operations while also rationalizing some of the menu options. In addition, the stacked banner notifications have been moved to a new notification center and banners will now only be used for critical items such as scheduled maintenance outages.

As part of this change, we’ve also launched Sophos Assistant which provides a guided walkthrough of the new navigation as well as an easy way to search for online product documentation. In the future it will be expanded to cover other areas within Sophos Central.


Linux Server Protection Enhancements

While Windows and macOS are the most common operating systems (OS) in our customer environments, many servers run Linux and they are a prime target for adversaries due to the valuable content they hold and the applications they serve. Sophos has a long history of providing world-leading protection for Linux devices, and in September we rolled out a number of customer-requested enhancements to further strengthen our Linux offering:

  • New Runtime detection profiles enable customers to activate and configure a comprehensive range of runtime detections for Linux servers and apply them to policies in Sophos Central
  • Support for fixed-term packages provides additional flexibility for customers to test and control updates across their estate (this is part of our Enterprise Software Management program)
  • Message Relay and Update Cache can now be configured when installing the Linux agent
  • On-access scanning can now be configured to scan on-read, on-write, or both in the Threat Protection policy, to reduce scanning load for read-heavy workloads such as web servers.


macOS Update: Sophos Endpoint and Sophos Home are Sonoma Ready!

Apple surprised us a couple of weeks ago by announcing an earlier-than-expected GA date (September 26th) for Sonoma, the latest version of macOS. Our amazing engineering team has pulled out the stops and I’m pleased to say that we supported Sonoma from day one.



Sophos Endpoint had a bumper harvest of awards in Q2. Following a recent AAA award from SE Labs, in September our endpoint offering was recognized by MITRE, Gartner, and G2.

Sophos Intercept X with XDR Excels in latest MITRE ATT&CK Evaluations

The MITRE Engenuity ATT&CK Evaluations are among the world’s most respected independent security tests. In the latest MITRE test, Sophos Intercept X with XDR achieved 99% detection coverage of 143 adversary attack steps, including 98% of detections resulting in rich “Analytic Coverage” – context on the “What”, “Why”, and “How” of adversary behavior. Explore the Results


Gartner Peer Insights Customers’ Choice for Endpoint Protection Platforms (again!)

Sophos has been named a Customers’ Choice in the Gartner® Peer Insights™ Voice of the Customer for Endpoint Protection Platforms (EPP) report with an overall customer rating of 4.8 out of 5 across 451 verified customer reviews as of June 2023. What’s more, Sophos is the ONLY vendor:

  • Recognized as a Gartner Customers’ Choice across EPP, MDR, network firewalls, and mobile threat defense
  • Named a Customers’ Choice for EPP across all industry segments evaluated in the report – including education, finance, healthcare, manufacturing, and services
  • Named Customers’ Choice for the entire education market category


G2 Names Sophos a Leader for Endpoint Protection, EDR, XDR, Firewall, and MDR

G2 released their Fall 2023 Reports in September, and Sophos is the ONLY cybersecurity provider named a Leader across the G2 Grid® Reports for Endpoint Protection Suites, Endpoint Detection and Response (EDR), Extended Detection and Response (XDR), Firewall Software, and Managed Detection and Response (MDR). Additionally, G2 users rated Sophos the #1 overall MDR and Firewall solutions. Learn more.


Additional Analyst Recognition

Sophos has also been recognized by myriad analyst firms over the last month for leadership across our portfolio:

  • KuppingerCole named Sophos a Leader in their Leadership Compass for MDR
  • Frost & Sullivan named Sophos a Leader in their Radar for XDR
  • Gartner included Sophos as one of 10 vendors in their Market Guide for XDR
  • Frost & Sullivan named Sophos a Leader in their Radar for Next-Gen Firewalls
  • Forrester recognized Sophos as a representative vendor in their Cloud Workload Security Landscape
  • Gartner cited Sophos’ State of Ransomware 2022 research in their report: “Ransomware Recovery Requires a Layered Recovery Response”
  • 451 Research recognized Sophos as a security platform player in a recent report