Sophos Product and Services News – April 2024

ProductsAdaptive Attack ProtectionSophos EndpointSophos IDSophos Managed RiskSophos XDRSophosLabsThird-Party Reviews

Check out the latest news from our product team.

The months ahead are full of promise and I’m excited for the opportunity for us to work together, leveraging our strengths, to enable even more organizations to benefit from our unparalleled services and product portfolio.


Sophos Managed Risk – Powered by Tenable

This quarter started with a bang with the launch of the Sophos Managed Risk service. Combining market-leading exposure management technology from Tenable with threat expertise from Sophos, Sophos Managed Risk enables organizations to see and fix unpatched vulnerabilities in their external attack surface.

Watch the 2-minute overview video and check out the resources on Partner Portal.


Sophos Endpoint: Adaptive Attack Protection enhancements

Adaptive Attack Protection (AAP) is a unique and powerful differentiator in Sophos Endpoint that dynamically enables heightened defenses on an endpoint when a “hands-on-keyboard” attack is detected. This month, we have significantly enhanced AAP with:

  • Increased visibility. New alerts notify customers when AAP is activated due to a threat on the endpoint.
  • Greater control. Customers can now manually activate (and deactivate) APP on a device to apply more aggressive protection while investigating suspicious activity. This is ideal for responders in situations where fully isolating a device from the network may be too disruptive to the organization. Admins can also extend the time that AAP is activated on a device to give more time to complete an investigation.
  • Persistent AAP rules. Customers can now apply specific AAP blocking rules to their devices persistently, via new policy settings in Sophos Central.

Learn more about what’s new to Adaptive Attack Protection in this blog post. And for a sub-5 minute refresh on Sophos Endpoint, check out the new overview video.

Sophos Endpoint: New Safe Mode protection

When adversaries fail to break through runtime protection layers, they often attempt to restart devices into Safe Mode where security software is not present or minimal. Sophos Endpoint now protects against adversary abuse of Safe Mode with two new capabilities:

  • Block safe mode abuse: A new AAP persistent policy rule that prevents the programmatic restarting of devices into Safe Mode.
  • Enable protection in safe mode: Sophos Endpoint protection capabilities, including our unrivalled CryptoGuard anti-ransomware technology and AI-powered malware protection, can now be enabled even if the device is running is Safe Mode.

Sophos MDR and Sophos XDR: New Cisco Umbrella integration

Cisco Umbrella is a cloud-delivered security service that provides a first line of defense against internet-based threats by blocking malicious destinations before a connection is established. Our new integration with Cisco Umbrella provides Sophos XDR and MDR customers with additional visibility into internet activity for early detection of emerging threats.

Sophos ID Multi-Factor Authentication expansion 

Sophos ID is the tool our partners and customers use to log in to Sophos services. It gives them instant access to all their licensed products and Sophos resources from a single login identity.

Sophos ID already included Multi-Factor Authentication (MFA) availability for the Central, Enterprise and Partner Dashboards. We have now expanded MFA availability to also include the Partner Portal, Self Service Portal, Sophos Communities, Sophos ID (landing page), Sophos Support, and more. Customer Super Admins can control the MFA expansion, enabling them to inform their users before deploying the new MFA prompt behavior.

SophosLabs Intelix: Cloud Lookups now available in Germany

Cloud Lookups from SophosLabs Intelix provide better protection outcomes for our products and we currently serve over a trillion queries a month. We’ve recently introduced a new Cloud Lookup (SXL) region in Germany, saving our customers across mainland Europe one year of total latency every hour and delivering an improved experience when using features like Web Control.

2024 Sophos Threat Report: Cybercrime on Main Street 

Our 2024 edition of this flagship report from Sophos X-Ops focuses on the threats facing SMB organizations. Read the full report on the blog, and access PPT slides and a co-brandable email template to share the findings with customers and prospects.

Sophos Active Adversary Report for 1H 2024

The latest Active Adversary Report presents what the Sophos X-Ops Incident Response (IR) team has learned about the current adversary landscape from tackling security crises around the world. Based on data from over 150 cases drawn from the 2023 workload of the IR team, it provides fresh insights into adversary behaviors and threats. Read the report.

 Spotlight Sophos X-Ops article: Benchmarking the security capabilities of large language models

Large Language Model (LLM) machine learning technology is proliferating rapidly, with multiple competing open-source and proprietary architectures now available. Read this article to discover the results of comparative testing that indicates which models fare best in cybersecurity and where cybersecurity fares best in AI. Read article.



Sophos named a Leader in the 2024 IDC MarketScape for Worldwide Modern Endpoint Security for Small Businesses

Hot on the heels of our recognition last month for the Midmarket sector, this IDC MarketScape that Sophos is also a top choice for smaller organizations.

 “Sophos, with an expansive set of protection technologies and proven MDR service offering, is a great option to help a small business improve its security posture in whatever way fits best”.

Learn more.

Sophos named a Leader in Frost & Sullivan’s 2024 Frost Radar™ for Global Managed Detection and Response

Sophos MDR continues to go from strength to strength – and industry analysts agree. Sophos has been named a Leader in the 2024 Frost Radar™ report for Global Managed Detection and Response. According to Frost & Sullivan, Sophos stands out as an MDR leader for flexibility, support for Microsoft environments, unlimited incident response and rapid growth. Learn more.


Sophos Firewall Earns Top Spot in G2 User Ratings

Once again, Sophos Firewall has clinched the #1 position in G2’s Spring 2024 Reports! With high customer satisfaction scores and a significant market presence, this marks the 5th consecutive report in which G2 users have shown such trust in our Firewall solution.

See the G2 Results