Sophos XDR gives highly effective instruments and risk intelligence that allow organizations to detect, examine, and reply to suspicious exercise earlier than lively adversaries can affect their programs. With over 40,000 prospects already utilizing our XDR capabilities to raise their defenses, Sophos is a longtime international chief in prolonged detection and response.
We’re delighted to announce a number of important enhancements to Sophos XDR that additional speed up detection and response, together with expanded know-how integrations that leverage present safety investments and new instruments and optimized workflows to analyze threats extra effectively.
Expanded third-party integrations
The extra you see, the sooner you possibly can act. Sophos XDR customers can now leverage telemetry from an much more in depth vary of third-party (non-Sophos) safety instruments, enabling organizations to get extra ROI from their present know-how investments whereas rushing up safety operations.
The newly-expanded know-how companion ecosystem integrations embrace id, community, firewall, e-mail, cloud, productiveness, and endpoint safety applied sciences. Endpoint and Microsoft integrations are included with Sophos XDR subscriptions at no further value.
With Sophos XDR, suspicious alerts from each Sophos and non-Sophos merchandise are ingested, filtered, correlated, and prioritized – permitting prospects to see extra worth from their present instruments than XDR options that solely use third-party telemetry to complement endpoint detections.
Community Detection and Response (NDR) is now accessible for Sophos XDR
Sophos NDR (Community Detection and Response) repeatedly displays community visitors to detect a variety of safety dangers, together with rogue gadgets, unprotected gadgets, insider threats, zero-day assaults, and threats involving IoT and OT gadgets.
Sophos NDR was launched earlier this 12 months as an non-obligatory add-on for the Sophos MDR (Managed Detection and Response) service, and we’re delighted to announce that Sophos NDR is now additionally accessible for Sophos XDR for organizations who handle their very own detection and response actions.
New and improved case administration capabilities
Sophos XDR mechanically creates instances based mostly on detections to assist organizations prioritize their investigations. Along with enhancing computerized case creation, new and improved case administration capabilities assist analysts higher handle their investigation workload and collaborate with different crew members extra effectively.
Key enhancements embrace:
- Case Pocket book. Analysts can simply doc and arrange their work as they progress by way of an investigation by logging observations and findings and including media for added context.
- Exercise Log. An in depth document of exercise for every case permits analysts to simply see actions that different crew members have taken as a part of an investigation.
- Case Abstract. Analysts can now enter a quick synopsis of every case, enabling their crew to see a concise overview of investigations at a look.
- Enhanced MITRE ATT&CK Framework mapping. Sophos XDR mechanically maps detections to MITRE ATT&CK Ways, enabling analysts to determine potential gaps in defenses and prioritize enhancements. On this launch, MITRE Framework mappings at the moment are collated throughout all detections inside a single case, with extra detailed TTP particulars offered.
- Coming Quickly: New analyst response actions. Utilizing the brand new XDR case administration toolset, analysts can now include potential threats with the press of a button. New analyst response actions will assist organizations speed up risk containment through Sophos’ XDR-integrated merchandise and through new third-party know-how integrations. For instance, utilizing the brand new integration with Okta, analysts can shortly and simply droop customers, clear person periods, and expire person passwords, all from the Sophos XDR platform.
New Detections person expertise
Sophos XDR identifies suspicious actions that want fast consideration, mechanically prioritizing detections throughout a number of assault surfaces based mostly on danger.
The person expertise for Detections has been redesigned in Sophos XDR, offering a transparent view of essentially the most essential information at a look, with handy entry to enrichment pivots and actions to speed up investigations.
New simplified (SQL-less) XDR search
Examine and hunt threats at velocity. The brand new XDR search software permits analysts to shortly discover particular information within the Sophos information lake by looking for indicators of compromise and different information similar to IP addresses or usernames.
An intuitive search builder, plus free-text and prompted-Lucene choices, permits customers of all talent ranges to seek out the info they want sooner with out SQL experience!
Acknowledged by trade specialists and prospects
Sophos XDR continues to garner excessive reward from prospects and trade specialists for superior detection, investigation, and response capabilities.
Sophos is considered one of solely ten distributors acknowledged within the 2023 Gartner Market Information for XDR, was named a Chief within the G2 Grid for XDR, earned the place as the only chief in Omdia’s vendor comparability for Complete XDR, and delivered distinctive ends in the 2023 MITRE Engenuity ATT&CK Evaluations (Spherical 5: Turla).
Elevate your defenses towards lively adversaries
To study extra and discover how Sophos XDR may also help your group higher defend towards lively adversaries, converse with a Sophos adviser or your Sophos companion as we speak.
You may as well take it for a take a look at drive in your personal surroundings with a no-obligation 30-day free trial – accessible from our web site or (for present Sophos prospects) instantly inside the Sophos Central console in simply a few clicks.
