{"id":11255,"date":"2021-05-09T06:38:22","date_gmt":"2021-05-09T06:38:22","guid":{"rendered":"https:\/\/web3unplugged.io\/blog\/?p=11255"},"modified":"2021-05-09T06:38:28","modified_gmt":"2021-05-09T06:38:28","slug":"sophos-launches-industrys-only-xdr-solution-that-synchronizes-native-endpoint-server-firewall-and-email-security","status":"publish","type":"post","link":"https:\/\/web3unplugged.io\/blog\/sophos-launches-industrys-only-xdr-solution-that-synchronizes-native-endpoint-server-firewall-and-email-security\/","title":{"rendered":"Sophos Launches Industry&#8217;s Only XDR Solution That Synchronizes Native Endpoint, Server, Firewall, And Email Security"},"content":{"rendered":"\n<p><a href=\"http:\/\/www.sophos.com\/\">Sophos<\/a>, a global leader in next-generation cybersecurity, today announced <a href=\"https:\/\/www.sophos.com\/en-us\/products\/endpoint-antivirus\/xdr.aspx\">Sophos XDR<\/a>, the industry\u2019s only extended detection and response (XDR) solution that synchronizes native endpoint, server, firewall, and email security. With this comprehensive and integrated approach, Sophos XDR provides a holistic view of an organization\u2019s environment with the richest data set and deep analysis for threat detection, investigation and response.<\/p>\n\n\n\n<p>\u201cWe\u2019re seeing an extraordinarily high level of complex ransomware and other cybercrime, and the need for effective, comprehensive cybersecurity has never been more critical or urgent,\u201d said Dan Schiappa, chief product&nbsp;officer at Sophos. 
\u201cSophos XDR is a game-changing new solution for proactively defending against the most sophisticated and evasive attacks, especially those that leverage multiple access points to gain entry, move laterally to evade detection, and do as much damage as possible as fast as possible.\u201d&nbsp;&nbsp;<\/p>\n\n\n\n<p><strong>Attacks on Steroids<\/strong><\/p>\n\n\n\n<p>Sophos today also published new research, \u201c<a href=\"https:\/\/news.sophos.com\/en-us\/2021\/05\/05\/intervention-halts-a-proxylogon-enabled-attack\">Intervention halts a ProxyLogon-enabled attack<\/a>,\u201d detailing an attack against a large&nbsp;organization&nbsp;that began when the adversaries compromised an Exchange server using the recent ProxyLogon exploit.&nbsp;The research shows how the attackers moved laterally through the network and,&nbsp;over a two-week period, stole&nbsp;account credentials; compromised&nbsp;domain controllers; secured&nbsp;a foothold on multiple machines; deployed&nbsp;a commercial remote access tool to retain access to hacked machines; and delivered&nbsp;a number of malicious programs.<\/p>\n\n\n\n<p>\u201cAs explained in the research report, the attackers returned repeatedly, sometimes with different tools and other times to deploy the same tool, such as Cobalt Strike,&nbsp;on different machines. They used a commercial remote access utility rather than the more standard RDP that threat hunters would more typically look for,\u201d said Schiappa. \u201cThis report explains the complex nature of human-operated&nbsp;cyberattacks and how multi-stage, multi-vector incidents are&nbsp;difficult&nbsp;for IT security teams to track and contain. The target simply couldn\u2019t keep up with the attack activity taking place across all parts of the estate.&nbsp;Based on Sophos\u2019 2021&nbsp;<a href=\"http:\/\/www.sophos.com\/ransomware2021\">State of Ransomware<\/a>&nbsp;report, this issue is more widespread than this one incident. 
More than 54% of IT managers surveyed said cyberattacks are too advanced for their IT teams to handle on their own. XDR is a critical defense component.\u201d<\/p>\n\n\n\n<p><strong>Deep Threat Analysis with Rich Data Set<\/strong><\/p>\n\n\n\n<p>Sophos XDR extends visibility across Sophos\u2019 next-generation portfolio of solutions for an in-depth picture of threats. At the heart of Sophos XDR is the industry\u2019s richest data set. Sophos XDR offers two types of data retention, including up to 90 days of on-device data, plus 30 days of cross-product data in the cloud-based data lake. The unique approach of blending on-device and data lake forensics provides the broadest and most in-depth contextualized insights that can be leveraged by security analysts through Sophos Central and via open application programming interfaces (APIs) for ingestion into security information and event management (SIEM); security orchestration, automation and response (SOAR); professional service automation (PSA); and remote monitoring and management (RMM) systems.&nbsp;<\/p>\n\n\n\n<p>The data lake hosts critical information from <a href=\"https:\/\/www.sophos.com\/en-us\/products\/endpoint-antivirus.aspx\">Intercept X<\/a>, <a href=\"https:\/\/www.sophos.com\/en-us\/products\/server-security.aspx\">Intercept X for Server<\/a>, <a href=\"https:\/\/www.sophos.com\/en-us\/products\/next-gen-firewall.aspx\">Sophos Firewall<\/a>, and <a href=\"https:\/\/www.sophos.com\/en-us\/products\/sophos-email.aspx\">Sophos Email<\/a>. <a href=\"https:\/\/www.sophos.com\/en-us\/solutions\/public-cloud.aspx\">Sophos Cloud Optix<\/a> and <a href=\"https:\/\/www.sophos.com\/en-us\/products\/mobile-control.aspx\">Sophos Mobile<\/a> will also feed into the data repository later this year. Security and IT teams can easily access this data to run cross-product threat hunts and investigations, and to quickly drill into granular details of past and present attacker activity. 
The availability of offline access to historical data further protects against lost or impacted devices.<\/p>\n\n\n\n<p>Sophos today additionally released a new version of its industry-best endpoint detection and response \u2013 <a href=\"https:\/\/www.sophos.com\/en-us\/products\/endpoint-antivirus\/edr.aspx\">Sophos EDR<\/a>. New scheduled queries and customizable contextual pivoting capabilities make it faster and easier than ever for security analysts and IT administrators to identify, investigate and respond to security issues with speed and precision. Users further benefit with new pre-configured queries and powerful threat intelligence through integration with <a href=\"https:\/\/www.sophos.com\/en-us\/labs\/intelix.aspx\">SophosLabs Intelix<\/a>. Sophos EDR customers can access seven days of cloud hosted data (upgradable to 30 days) in the data lake, in addition to 90 days of on-device data.<\/p>\n\n\n\n<p>\u201cAs one of the world\u2019s top British fashion retailers with hundreds of stores worldwide, security is a top priority. We\u2019re committed to protecting our loyal customers\u2019 data, and that starts with securing our networks against advanced threats,\u201d said Alistair Knowles, cyber security analyst at Ted Baker. \u201cSophos XDR provides critical visibility into a goldmine of valuable endpoint data, enabling us to detect and stop threats before they cause any damage. We can easily look for those needle in a haystack kind of incidents and determine their scope with both new and historical data at our fingertips. Integration with solutions like Splunk, for example, take it to the next level with even deeper insights. 
Once we have the forensics needed to neutralize a threat, Sophos\u2019 Live Response capabilities enable us to remediate issues remotely, which is imperative in today\u2019s remote working environments.\u201d<\/p>\n\n\n\n<p><strong>Cybersecurity Evolved: An Adaptive and Open Cybersecurity Ecosystem<\/strong><\/p>\n\n\n\n<p>Sophos XDR and EDR are part of the <a href=\"https:\/\/www.sophos.com\/en-us\/content\/adaptive-cybersecurity-ecosystem.aspx\">Sophos adaptive cybersecurity ecosystem<\/a> (ACE), a new open security architecture that optimizes threat prevention, detection and response. Sophos ACE&nbsp;leverages automation and analytics, as well as the&nbsp;collective input of Sophos products, partners, customers,&nbsp;developers, and other security industry vendors&nbsp;to create protection that continuously improves \u2013 a virtuous cycle that is constantly learning and advancing.<\/p>\n\n\n\n<p>Sophos ACE is built upon the data lake, correlating actionable insights from Sophos solutions and services as well as threat intelligence from <a href=\"https:\/\/www.sophos.com\/en-us\/labs.aspx\">SophosLabs<\/a>, <a href=\"https:\/\/ai.sophos.com\/\">Sophos AI<\/a> and the <a href=\"https:\/\/www.sophos.com\/en-us\/products\/managed-threat-response.aspx\">Sophos Managed Threat Response<\/a> team. Open APIs enable customers, partners and developers to build tools and solutions that interact with the system and to take advantage of existing integrations. Sophos is leading the industry with this approach and already <a href=\"https:\/\/www.sophos.com\/en-us\/content\/adaptive-cybersecurity-ecosystem.aspx\">integrates with many vendors<\/a>.<\/p>\n\n\n\n<p>\u201cAttackers are getting smarter and better than ever at evading detection. 
The only way to keep pace is with AI-powered automation to analyze and react faster to&nbsp;behaviors&nbsp;and events, coupled with human analysts to correlate multiple&nbsp;suspicious signals and interpret their true meaning,\u201d said Schiappa. \u201cThe Sophos adaptive cybersecurity ecosystem is an evolution of Sophos\u2019 acclaimed synchronized security approach, and a beautifully elegant solution to a complex problem. The smart ecosystem is engineered&nbsp;to protect the interconnectedness of our businesses and online world, and it couldn\u2019t come at a more pivotal time given realities of the past year that forced sudden shifts in remote working and cloud adoption.\u201d<\/p>\n\n\n\n<p><strong>Availability<\/strong><\/p>\n\n\n\n<p>Sophos XDR, as well as the updated EDR capabilities for <a href=\"https:\/\/www.sophos.com\/en-us\/products\/endpoint-antivirus\/edr.aspx\">Intercept X Advanced with EDR<\/a> and <a href=\"https:\/\/www.sophos.com\/en-us\/products\/server-security.aspx\">Intercept X Advanced for Server with EDR<\/a> are available worldwide on May 19 through Sophos partners. Partners and customers can easily manage all XDR and EDR product solutions on the cloud-based <a href=\"https:\/\/www.sophos.com\/en-us\/products\/sophos-central.aspx\">Sophos Central<\/a>&nbsp;platform via a single user interface.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Sophos, a global leader in next-generation cybersecurity, today announced Sophos XDR, the industry\u2019s only extended detection and response (XDR) solution that synchronizes native endpoint, server, firewall, and email security. With this comprehensive and integrated approach, Sophos XDR provides a holistic view of an organization\u2019s environment with the richest data set and deep analysis for threat detection, investigation and response. 
\u201cWe\u2019re seeing [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":11257,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_seopress_robots_primary_cat":"none","_seopress_titles_title":"","_seopress_titles_desc":"","_seopress_robots_index":"","footnotes":""},"categories":[1],"tags":[],"class_list":["post-11255","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"rttpg_featured_image_url":{"full":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2021\/05\/Dan-Schiappa-chief-product-officer-Sophos.jpg",1855,2400,false],"landscape":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2021\/05\/Dan-Schiappa-chief-product-officer-Sophos.jpg",1855,2400,false],"portraits":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2021\/05\/Dan-Schiappa-chief-product-officer-Sophos.jpg",1855,2400,false],"thumbnail":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2021\/05\/Dan-Schiappa-chief-product-officer-Sophos-150x150.jpg",150,150,true],"medium":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2021\/05\/Dan-Schiappa-chief-product-officer-Sophos-232x300.jpg",232,300,true],"large":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2021\/05\/Dan-Schiappa-chief-product-officer-Sophos-791x1024.jpg",791,1024,true],"1536x1536":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2021\/05\/Dan-Schiappa-chief-product-officer-Sophos-1187x1536.jpg",1187,1536,true],"2048x2048":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2021\/05\/Dan-Schiappa-chief-product-officer-Sophos-1583x2048.jpg",1583,2048,true],"post-thumbnail":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2021\/05\/Dan-Schiappa-chief-product-officer-Sophos.jpg",325,420,false],"graptor-sq-xs":["https:\/\/web3unplugged.io\/blog\/wp-content\/uploads\/2021\/05\/Dan-Schiappa-chief-product-officer-Sophos.jpg",77,100,false]},"rttpg_auth
or":{"display_name":"admin","author_link":"https:\/\/web3unplugged.io\/blog\/author\/admin\/"},"rttpg_comment":0,"rttpg_category":"<a href=\"https:\/\/web3unplugged.io\/blog\/category\/uncategorized\/\" rel=\"category tag\">Uncategorized<\/a>","rttpg_excerpt":"Sophos, a global leader in next-generation cybersecurity, today announced Sophos XDR, the industry\u2019s only extended detection and response (XDR) solution that synchronizes native endpoint, server, firewall, and email security. With this comprehensive and integrated approach, Sophos XDR provides a holistic view of an organization\u2019s environment with the richest data set and deep analysis for threat detection, investigation and response. \u201cWe\u2019re seeing&hellip;","_links":{"self":[{"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/posts\/11255","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/comments?post=11255"}],"version-history":[{"count":1,"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/posts\/11255\/revisions"}],"predecessor-version":[{"id":11258,"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/posts\/11255\/revisions\/11258"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/media\/11257"}],"wp:attachment":[{"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/media?parent=11255"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/categories?post=11255"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/web3unplugged.io\/blog\/wp-json\/wp\/v2\/tags?post=11255"}],"curies":[{"name":"wp","href":"https:\/\/api.w.o
rg\/{rel}","templated":true}]}}