{"id":2783,"date":"2021-02-25T09:19:25","date_gmt":"2021-02-25T09:19:25","guid":{"rendered":"https:\/\/partnernews.sophos.com\/en-us\/?p=2783"},"modified":"2021-02-25T09:19:25","modified_gmt":"2021-02-25T09:19:25","slug":"edr-4-0-xdr-early-access-program-eap-for-intercept-x-now-open","status":"publish","type":"post","link":"https:\/\/partnernews.sophos.com\/en-us\/2021\/02\/products\/edr-4-0-xdr-early-access-program-eap-for-intercept-x-now-open\/","title":{"rendered":"EDR 4.0 &#038; XDR Early Access Program (EAP) for Intercept X Now Open"},"content":{"rendered":"<p><strong>What is in the EAP?<\/strong><\/p>\n<p><strong>Sophos Data Lake<br \/>\n<\/strong>The Sophos Data Lake is a key component of both EDR (Endpoint Detection and Response) and XDR (Extended Detection and Response) functionality. It stores critical information from Intercept X, Intercept X for Server and XG Firewall, enabling access to data even when the corresponding device is offline. For example, look back 30 days for unusual activity on a device that has been destroyed or taken without authorization.<\/p>\n<p>Data retention periods are 7 days (EDR) and 30 days (XDR). In early access 7 days are available.<\/p>\n<p><strong>Sophos XDR &#8211; Extended Detection and Response<\/strong><br \/>\nGo beyond the endpoint and server by integrating important network data to build up an in-depth picture of potential threats across your estate. In the EAP customers that have both Intercept X and XG Firewall will have access to endpoint and firewall data (cloud firewall reporting required). If a customer has Intercept X but not XG Firewall and wants to test adding network data they will need to start a trial of XG Firewall. An XG Firewall customer would need to start a trial of Intercept X.<\/p>\n<p><em>Note &#8211; Sophos XDR will be a paid for upgrade.<\/em><\/p>\n<p>Here are just a few Sophos XDR use cases:<\/p>\n<ul>\n<li>Compare indicators of compromise from multiple data sources to quickly understand a suspected attack<\/li>\n<li>Use ATP and IPS detections from XG Firewall to investigate suspect hosts<\/li>\n<li>Identify unmanaged and unprotected devices across an organization\u2019s estate<\/li>\n<li>Understand why the office network connection is slow and what app is causing the traffic<\/li>\n<\/ul>\n<p><strong>How can I sign up for the EAP?<br \/>\n<\/strong>See this <a href=\"https:\/\/community.sophos.com\/intercept-x-endpoint\/b\/blog\/posts\/xdr-edr-data-lake-early-access-program-now-publicly-available\" target=\"_blank\" rel=\"noopener\">community post<\/a> for all the details on joining the EAP.<\/p>\n<p><strong>Who can join the EAP?<br \/>\n<\/strong>Customers, partners and prospects can all take part in the EAP with the exception of MSP Flex. They don&#8217;t need to be existing EDR or XG Firewall users (XG Firewall is not required to try the Sophos Data Lake).<\/p>\n<p>Don\u2019t forget that Intercept X customers and prospects who don\u2019t have EDR will also get access to the powerful IT operations and threat hunting capabilities of Live Discover and Live Response by taking part in the EAP, in addition to the Sophos Data Lake and Sophos XDR.<\/p>\n<p><strong>What is coming at product launch?<br \/>\n<\/strong>While we already have some fantastic features available in the EAP there are even more coming with the full product launch. You may see some of these features start to appear throughout the EAP:<\/p>\n<ul>\n<li>Scheduled queries that enable organizations to set queries to run ahead of time<\/li>\n<li>Enhanced pivoting options to further improve workflow and save users time<\/li>\n<\/ul>\n<p><strong>When is General Availability?<br \/>\n<\/strong>General Availability is currently planned for Q2 (calendar year 2021).<\/p>\n<p><strong>How can I learn more about XDR?<br \/>\n<\/strong>Next week we are running two SophSkills sessions open to internal staff and partners, register for them now.<\/p>\n<p>Introducing XDR \u2013 Extended Detection and Response<br \/>\n<a href=\"https:\/\/register.gotowebinar.com\/register\/2507480660165595662\" target=\"_blank\" rel=\"noopener\">Americas<\/a> | <a href=\"https:\/\/register.gotowebinar.com\/register\/2431265812663021838\" target=\"_blank\" rel=\"noopener\">APJ<\/a> | <a href=\"https:\/\/register.gotowebinar.com\/register\/4215865543520215310\" target=\"_blank\" rel=\"noopener\">EMEA<\/a><\/p>\n<p>Technical SophSkills: XDR \u2013 A Technical Look at Extended Detection and Response<br \/>\n<a href=\"https:\/\/register.gotowebinar.com\/register\/660762920385601806\" target=\"_blank\" rel=\"noopener\">Americas<\/a> | <a href=\"https:\/\/register.gotowebinar.com\/register\/1216493480458927630\" target=\"_blank\" rel=\"noopener\">APJ<\/a> | <a href=\"https:\/\/register.gotowebinar.com\/register\/660762920385601806\" target=\"_blank\" rel=\"noopener\">EMEA<\/a><\/p>\n<p><strong>Promoting the EAP<br \/>\n<\/strong>To help you get customers excited about these upcoming features you have access to:<\/p>\n<ul>\n<li><a href=\"https:\/\/partners.sophos.com\/prm\/English\/s\/assets?q=%22What%E2%80%99s%20New%20in%20EDR%204.0%20%26%20XDR%22\" target=\"_blank\" rel=\"noopener\">What\u2019s New Guide<\/a><\/li>\n<li><a href=\"https:\/\/vimeo.com\/514027958\/e6fc5c5c96\" target=\"_blank\" rel=\"noopener\">EAP Overview Video<\/a><\/li>\n<li><a href=\"https:\/\/vimeo.com\/513931295\" target=\"_blank\" rel=\"noopener\">Tech Video<\/a><\/li>\n<\/ul>\n<p><strong>EDR vs XDR \u2013 what\u2019s included?<\/strong><\/p>\n<table style=\"width: 51.2944%;\" width=\"693\">\n<tbody>\n<tr>\n<td style=\"width: 32.8551%;\" width=\"231\"><strong>Features<\/strong><\/td>\n<td style=\"width: 32.8551%; text-align: center;\" width=\"231\"><strong>Intercept X Advanced with EDR<\/strong><\/td>\n<td style=\"width: 32.8551%; text-align: center;\" width=\"231\"><strong>Intercept X Advanced with XDR<\/strong><\/td>\n<\/tr>\n<tr>\n<td style=\"width: 32.8551%;\" width=\"231\"><strong>Cross-product data sources<\/strong><\/td>\n<td style=\"width: 32.8551%; text-align: center;\" width=\"231\"><strong>X<\/strong><\/td>\n<td style=\"width: 32.8551%; text-align: center;\" width=\"231\"><strong>YES<\/strong><\/td>\n<\/tr>\n<tr>\n<td style=\"width: 32.8551%;\" width=\"231\"><strong>Cross-product querying<\/strong><\/td>\n<td style=\"width: 32.8551%; text-align: center;\" width=\"231\"><strong>X<\/strong><\/td>\n<td style=\"width: 32.8551%; text-align: center;\" width=\"231\"><strong>YES<\/strong><\/td>\n<\/tr>\n<tr>\n<td style=\"width: 32.8551%;\" width=\"231\"><strong>Sophos Data Lake<\/strong><\/td>\n<td style=\"width: 32.8551%; text-align: center;\" width=\"231\"><strong>YES<\/strong><\/td>\n<td style=\"width: 32.8551%; text-align: center;\" width=\"231\"><strong>YES<\/strong><\/td>\n<\/tr>\n<tr>\n<td style=\"width: 32.8551%;\" width=\"231\"><strong>Data lake retention period<\/strong><\/td>\n<td style=\"width: 32.8551%; text-align: center;\" width=\"231\"><strong>7 days<\/strong><\/td>\n<td style=\"width: 32.8551%; text-align: center;\" width=\"231\"><strong>30 days<\/strong><\/td>\n<\/tr>\n<tr>\n<td style=\"width: 32.8551%;\" width=\"231\"><strong>On-disk data retention period<\/strong><\/td>\n<td style=\"width: 32.8551%; text-align: center;\" width=\"231\"><strong>90 days<\/strong><\/td>\n<td style=\"width: 32.8551%; text-align: center;\" width=\"231\"><strong>90 days<\/strong><\/td>\n<\/tr>\n<tr>\n<td style=\"width: 32.8551%;\" width=\"231\"><strong>Scheduled queries<\/strong><\/td>\n<td style=\"width: 32.8551%; text-align: center;\" width=\"231\"><strong>YES<\/strong><\/td>\n<td style=\"width: 32.8551%; text-align: center;\" width=\"231\"><strong>YES<\/strong><\/td>\n<\/tr>\n<tr>\n<td style=\"width: 32.8551%;\" width=\"231\"><strong>Live Discover <em>(SQL querying for threat hunting and IT operations)<\/em><\/strong><\/td>\n<td style=\"width: 32.8551%; text-align: center;\" width=\"231\"><strong>YES<\/strong><\/td>\n<td style=\"width: 32.8551%; text-align: center;\" width=\"231\"><strong>YES<\/strong><\/td>\n<\/tr>\n<tr>\n<td style=\"width: 32.8551%;\" width=\"231\"><strong>Live Response <em>(remote terminal access)<\/em><\/strong><\/td>\n<td style=\"width: 32.8551%; text-align: center;\" width=\"231\"><strong>YES<\/strong><\/td>\n<td style=\"width: 32.8551%; text-align: center;\" width=\"231\"><strong>YES<\/strong><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><strong><em>Both versions include all <\/em><\/strong><strong><em>Intercept X protection capabilities. Intercept X for Server also has Sophos XDR available.<\/em><\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The Early Access Program (EAP) that includes the Sophos Data Lake and Sophos XDR functionality is available for customers, prospects and partners to join. Note the EAP is not available for MSP Flex.<\/p>\n","protected":false},"author":56,"featured_media":3000002650,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"advanced_seo_description":"","jetpack_seo_html_title":"","jetpack_seo_noindex":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[2],"tags":[9,30,105,147],"coauthors":[61],"class_list":["post-2783","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-products","tag-early-access-program","tag-intercept-x","tag-sophos-edr","tag-sophos-xdr"],"jetpack_featured_media_url":"https:\/\/partnernews.sophos.com\/en-us\/wp-content\/uploads\/sites\/3\/2021\/01\/featured-image-sophos-endpoint-blog-icon-1600x960-1.png","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/partnernews.sophos.com\/en-us\/wp-json\/wp\/v2\/posts\/2783","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/partnernews.sophos.com\/en-us\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/partnernews.sophos.com\/en-us\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/partnernews.sophos.com\/en-us\/wp-json\/wp\/v2\/users\/56"}],"replies":[{"embeddable":true,"href":"https:\/\/partnernews.sophos.com\/en-us\/wp-json\/wp\/v2\/comments?post=2783"}],"version-history":[{"count":3,"href":"https:\/\/partnernews.sophos.com\/en-us\/wp-json\/wp\/v2\/posts\/2783\/revisions"}],"predecessor-version":[{"id":2785,"href":"https:\/\/partnernews.sophos.com\/en-us\/wp-json\/wp\/v2\/posts\/2783\/revisions\/2785"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/partnernews.sophos.com\/en-us\/wp-json\/"}],"wp:attachment":[{"href":"https:\/\/partnernews.sophos.com\/en-us\/wp-json\/wp\/v2\/media?parent=2783"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/partnernews.sophos.com\/en-us\/wp-json\/wp\/v2\/categories?post=2783"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/partnernews.sophos.com\/en-us\/wp-json\/wp\/v2\/tags?post=2783"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/partnernews.sophos.com\/en-us\/wp-json\/wp\/v2\/coauthors?post=2783"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}