Highlights –
- As a component of the Sophos Adaptive Cybersecurity Ecosystem, the new third-party support incorporates telemetry from third-party endpoints, cloud, firewalls, identity, email, and other security solutions.
- Through Sophos’ global channel of reseller partners and managed service providers, the new service is currently accessible.
Today, the cybersecurity company Sophos Group plc released third-party security technology features with its Managed Detection and Response (MDR) solution for improved attack detection and remediation across various customer and operating settings.
As a component of the Sophos Adaptive Cybersecurity Ecosystem, the new third-party support incorporates telemetry from third-party endpoints, cloud, firewalls, identity, email, and other security solutions. Security telemetry from companies like Microsoft Corp., Amazon Web Services Inc., Palo Alto Networks Inc., Google LLC, CrowdStrike Holdings Inc., Rapid7 Inc., Fortinet Inc., Check Point Software Technology Ltd., Okta Inc., Darktrace PLC, and many others are now included in Sophos MDR’s third-party support.
third-party telemetry in Sophos MDR may be automatically combined, correlated, and prioritized with knowledge from the Sophos Adaptive Cybersecurity Ecosystem and the Sophos X-Ops threat intelligence unit. Third-party security integrations have been enabled by technology from Sophos’ acquisition of SOC.OS CyberSecurity Ltd. in April.
The integration makes use of specialized data processing and correlation techniques across the telemetry, enabling the Sophos MDR operations team to comprehend the who, what, when, and how of an attack, enabling threat response across a customer’s whole ecosystem in a matter of minutes. The Sophos MDR operations team can also use third-party vendor telemetry to perform threat hunts and identify attacker behaviors that elude detection from deployed toolkits.
According to Joe Levy, Chief technology and product officer of Sophos, “As with a shield, cyber risk mitigation technology can aid in defense, yet unless you use that protection to react, the system will eventually fail; a determined attacker will eventually defeat technology alone. Our teams of experts can now detect and remediate threats across a broad range of environments, including complex, multivendor scenarios, before those threats turn into something more damaging, like ransomware or a wide-scale data breach.”
Sophos MDR is customizable with various service tiers and threat response options. Customers can choose between the Sophos MDR operations team handling full-scale incident response or using the comprehensive alert notifications for their security operations teams to handle themselves.
The new service is accessible via Sophos’ global channel of reseller partners and managed service providers. Integrations with a few third-party security technologies will be generally available at no extra cost.