The Sophos/Secureworks integration is progressing at speed — and now is the time for partners to take advantage of the value it delivers.
Taegis customers will soon get Sophos Endpoint automatically included with their current solution— enabling them to remove other endpoint products and free-up cybersecurity budget. Sophos customers now gain access to expert-led Advisory Services, and all customers and prospects can leverage our new unified Emergency Incident Response offering.
Delivering this level of integration in just a few months is exceptional — with Sophos’ 16x Leader recognition in the Gartner Magic Quadrant for Endpoint Protection and Taegis’ powerful XDR capabilities, we’re bringing a best-in-class prevention and response platform to market — and using it to win.
We’re already seeing strong momentum, with customers switching from legacy MDR providers and new innovations on the horizon. This is just the beginning.
Watch the integration update video below to see where we’re headed next.
Jump to a section:
- Releases: Latest product, service and platform enhancements
- Recognition: Accolades from Gartner, G2, SE Labs and AV-TEST
- Resources: Thought leadership and the State of Ransomware 2025 reports
RELEASES
Integration update for Secureworks customers and partners
Delivery on the Sophos/Secureworks integration roadmap is progressing well. To keep Secureworks customers and partners up-to-date on the integration schedule, Joe Levy, CEO, and the product leadership team recorded a 12-minute integration update video that you can share with customers and team members.
Sophos Emergency Incident Response | Now live!
In June, we launched the first converged offering of the Sophos and Secureworks portfolios: Sophos Emergency Incident Response. This 24/7 service provides remote and onsite support for organizations under active cyberattack, guiding them through every stage of the incident response lifecycle — from initial investigation and forensics to remediation, threat reduction, and post-incident reporting. Billed hourly, it delivers robust new IR capabilities when they’re needed most. Learn more.
Sophos Advisory Services | New security testing services available
Built on Secureworks service offerings, Sophos Advisory Services deliver expert, independent guidance to help organizations identify vulnerabilities, strengthen defenses, and enhance resilience. We currently have three security testing service offerings that are fully saleable (using Secureworks SKUs), with more to follow:
- Sophos Internal and External Penetration Testing
- Sophos Wireless Network Penetration Testing
- Sophos Web Application Security Assessment
Check out the Advisory Services assets on the Sophos Partner Portal to learn more about our services and how to position them, and watch out for the full market launch that is coming soon.
Sophos Firewall | v21.5 now available
The latest version of our widely-recognized firewall introduces many top-requested features including Sophos NDR Essentials, the first-ever integration of network detection and response into a firewall. Delivered via the cloud to avoid performance impact, it offers “NDR lite” capabilities that detect suspicious activity at the network gateway. Available at no extra cost with Xstream Protection on XGS Series hardware, it’s a powerful NDR intro for customers and a valuable differentiator for partners. Learn more.
Sophos Managed Risk | Internal Attack Surface Management (IASM) now available
Sophos Managed Risk has been enhanced with powerful IASM capabilities. The service can now identify vulnerabilities within an organization’s internal network by leveraging industry-leading Tenable Nessus technology. Learn more and check out the key features and benefits below:
- Comprehensive vulnerability management: Regular automated scanning to identify weaknesses affecting assets within the network.
- AI-powered prioritization: Intelligently determines which vulnerabilities pose the highest risk and need immediate attention, guiding organizations to prioritize patching and remediation efforts.
- Unified, expert-led service: Unlike vendors that separate EASM and IASM into distinct products, Sophos provides an integrated managed service powered by leading Tenable technology.
Sophos MDR | Microsoft 365 integration promo video
While Sophos MDR leverages telemetry from across our customers’ environments to detect and neutralize threats, one of the most significant advantages — and a key differentiator of the Sophos MDR service — is our deep integration with Microsoft 365 for all customers regardless of the Microsoft license they’re using. Watch the new promo video to learn more and share with your contacts.
Sophos MDR/XDR | New integration health alerts
Sophos Central now generates alerts when a third-party integration has been in a failed or offline state for 24 hours. Initially introduced for the Microsoft 365 Management API integration in June, the alerting functionality is now supported for all third-party integrations in Sophos Central. Learn more.
Sophos XDR | GenAI features are now GA
GenAI-powered features make investigations faster, insights clearer, and our product even easier to use, helping us deliver a powerful advantage to customers of all sizes. AI Search, AI Case Summary, and AI Command Analysis features are all now generally available to Sophos XDR customers. And look out for exciting news about the Sophos AI Assistant coming soon!
Sophos Switch | Switch Stacking now available in Sophos Central
Switch stacking is a new capability in Sophos Central that allows network admins to manage a group of switches as if they were one logical unit. This saves them time and effort when managing and configuring multiple switches. Learn more or watch the video.
Taegis XDR | Extended platform support for the on-premises data collector
The Taegis XDR on-premises data collector enables customers to forward event sources via Syslog for ingestion into the Taegis data lake. The data collector now supports the Nutanix AHV Hypervisor. Learn more.
SophosLabs Intelix | Static Analysis surfaces embedded text
SophosLabs Intelix now features embedded text from binary files in the Threat Analyst tab, revealing key text indicators — like C2 domains and file paths. The strings are grouped by type, searchable, and downloadable, streamlining threat investigations without external tools. This update enhances support for MDR and XDR workflows, with more features coming soon.
RECOGNITION
Gartner: For the 16th consecutive time, Sophos has been recognized as a Leader in the 2025 Gartner Magic Quadrant for Endpoint Protection Platforms (EPP). Learn more.
- Frost & Sullivan: Sophos named a Leader in the 2025 Frost Radar™ for Managed Detection and Response. Learn more.
- AV-Comparatives: Sophos Endpoint (Windows) scored a respectable 99.1% block rate with just 6 false positives. See the results.
- SE Labs: Sophos got AAA ratings in the latest testing and won four awards in this year’s SE LABS ® Awards 2025:
- SE Labs Award for Enterprise Endpoint (Windows)
- SE Labs Award for Small Business Endpoint (Windows)
- SE Labs Award for Small Business Managed Service Provider Solution
- SE Labs Award for Small Business Security Innovator
RESOURCES
Threat thought leadership
Sophos X-Ops, including the Counter Threat Unit (CTU), continue to lead from the front when it comes to security threat research. Recent publications from the team include:
- DragonForce actors target SimpleHelp vulnerabilities to attack MSP, customers – A recent Sophos MDR case reveals how attackers hijacked an MSP’s remote monitoring tool to launch a widespread DragonForce ransomware attack. With data exfiltration and double extortion in play, this incident highlights the growing risks to service providers and their clients.
- Beyond the kill chain: What cybercriminals do with their money In this series of five articles, Sophos X-Ops explores the implications and opportunities arising from threat actors’ involvement in real-world industries and crimes.
The State of Ransomware 2025
Packed with data points to drive sales conversations and show industry leadership, the State of Ransomware 2025 is a fantastic resource for all go-to-market teams. The report reveals the causes and business consequences of ransomware in 2025, including unrivalled insights into why organizations fall victim, recovery costs, ransom payments, impacts on IT and cybersecurity team members, and more.
