{"id":6879,"date":"2023-10-25T09:00:32","date_gmt":"2023-10-25T07:00:32","guid":{"rendered":"https:\/\/partnernews.sophos.com\/en-us\/?p=6879"},"modified":"2023-11-02T08:35:01","modified_gmt":"2023-11-02T08:35:01","slug":"sophos-firewall-v20-active-threat-response","status":"publish","type":"post","link":"https:\/\/partnernews.sophos.com\/es-es\/2023\/10\/products\/sophos-firewall-v20-active-threat-response\/","title":{"rendered":"Sophos Firewall v20 Active Threat Response"},"content":{"rendered":"

With Sophos Firewall v20 now available for early access<\/a>, we will be covering some of the top new features every week leading up to launch.<\/p>\n

In last week\u2019s article, we covered the new authentication and Azure AD enhancements<\/a> in Sophos Firewall v20. This week, we\u2019ll have a look at one of the flagship features of this release \u2013 Active Threat Response.<\/p>\n

Active Threat Response dramatically improves response time.\u00a0 It essentially extends Synchronized Security to Sophos MDR and XDR analysts \u2013 enabling an instant and automated response to active adversaries and threats.<\/p>\n

How it works:<\/h2>\n

If an analyst identifies a new threat communicating out to a command and control server, they can push that threat intel to the firewall from Sophos Central via a new threat feed API. The firewall will then start coordinating a defense immediately and automatically \u2013 without the need for manual intervention or new firewall rules. Any host attempting to communicate with the blocked threat will be flagged with a RED Security Heartbeat and be isolated accordingly, preventing any lateral movement and stopping the threat dead in its tracks. It works equally well regardless of what initially identifies the threat: the analyst, an endpoint, the firewall, or NDR.<\/p>\n

\"\"<\/p>\n

Check out this video for a comprehensive overview of this exciting new capability:<\/p>\n