Skip to content

Sophos Intercept X stops ransomware in its tracks – try the beta today!

Sophos EndpointWe’re excited to announce the upcoming launch of Sophos Intercept X, ushering in a new era of endpoint protection for modern threats. It’s our new signatureless anti-exploit, anti-ransomware, and anti-hacker technology that includes root-cause analytics and advanced malware cleanup – all managed via the Sophos Central Admin console.

You’ve undoubtedly seen countless headlines about crippling ransomware attacks that cost people hundreds of millions of dollars each year. With Sophos Intercept X, we’ve integrated powerful ransomware protection that’s capable of automatically stopping ransomware attacks as soon as they’re detected and rolling back damaged files to a known and safe state.

Intercept X also includes advanced anti-exploit technology that blocks zero-day threats without the need for traditional file scanning or signature updates. In addition, we’ve added automated forensic reporting that traces attacks back to their origins, pinpoints additional infection points, provides advanced cleanup of malware, and offers prescriptive guidance for strengthening your organization’s security posture. Sophos Intercept X also includes comprehensive deep-cleaning technology, which hunts spyware down that other traditional AV misses and rips out deeply embedded, lingering malware to make remediation a snap.

At launch later this year, Sophos Intercept X can be installed alongside existing endpoint protection to fend off unknown exploit variants and stealth attacks that traditional cybersecurity software might miss – all with minimal impact to system performance. Intercept X will be available as part of our own Sophos Central-managed lineup as Endpoint Ultimate, which combines Endpoint Advanced and Intercept X into a dynamic, complete endpoint protection solution.

We’ll be rolling Intercept X out later in 2016, but we invite you to take it for a spin today alongside our advanced endpoint protection. If you’re already a Sophos Central customer, simply contact your partner for a beta code; if you’re new to Sophos, please sign up for a free 30-day trial account of Sophos Central to get started.

We hope you enjoy using Intercept X and we look forward to your feedback as we perfect this incredible product!


Can we upgrade our existing Sophos Endpoint protection to this version?


Yes, once we are out of beta you can upgrade all your endpoints. You can also join the beta today. If you use SEC to manage your Endpoints you’ll need to switch to Sophos Central management, alternatively sign-up for a new trial to get started quickly with a few endpoints for testing. Contact your partner to get an invitation code or to switch from SEC to Central management.


I am very excited for this release. The root cause analysis functionality looked awesome at the Partner conference and I can’t wait to see it in action.


How is this different then sandbox?? It sounds like it should be the same? Is this your new endpoint protection? Sophos loves to change their product names that’s for sure..


Sandbox techniques look at behavior of malware, let it run and see what it does before we convict it. The anti-exploit technology in Intercept stops malware getting on to the endpoint via exploit-based delivery mechanisms. By stopping the route in, we don’t need to know about the malware itself or what its trying to do. It’s a very efficient way to stop malware much earlier in the attack cycle. Intercept can be used alongside AV / endpoint products to plug the exploit-based delivery mechanisms and protect against ransomware.


When I can get sophos intercept?


You can buy/trial HitmanPro.Alert right now, it’s the same base product from the SurfRight who Sophos acquired to give them Sophos Clean (HitmanPro) and Sophos Intercept (HitmanPro.Alert).

Intercept is basically HitmanPro.Alert with cloud and central management added, so if you have few users and don’t need cloud and central management, have a look at HitManPro.Altert.


So all of the clients need internet connection (I hope over Proxy) in order to work right?
If we switch from SEC to Sophos Central management all of the clients will download their updates and engines of the Internet?

With low bandwith sites I fear the big sophos updates will break our neck. There are no plans to integrate the malware ransomware part into the good old beloved SEC? I fear cloud based solutions do not fit for all your customers.


Sophos Cloud has a caching feature so you can download updates to the cache and all of your PCs update internally. I am just migrating my network over to Sophos Cloud and it is already paying off. The SEC is beloved but I feel that their improved cloud services are far out weigh my need to hold on to it. And I can’t wait to turn off another VM.


Fear not, we have an update cache for Central-managed Endpoint Protection for exactly that scenario. See here:


Leave a Reply

Your email address will not be published. Required fields are marked *

Subscribe to get the latest updates in your inbox.
Which categories are you interested in?
You’re now subscribed!