‘Where do I start?’ is one of the most common questions we get asked about endpoint detection and response (EDR).
The newly introduced Threat Indicators feature for Sophos EDR answers that question. Threat Indicators makes use of deep learning technology to automatically provide prioritized lists of the most suspicious items across an organization’s endpoints and servers.
Suspicious items are graded from high to low priority. These gradings include details such as file name, SHA 256 hash, the number of devices that have seen the file and if the file has already run, so it’s easy to understand where to begin, even for staff who aren’t cybersecurity specialists.
SophosLabs curated threat intelligence and deep learning analysis gives you the information you need to understand the properties of a suspect file and quickly decide what action to take.
Threat Indicators is available now to all customers that have Intercept X Advanced with EDR or Intercept X Advanced for Server with EDR.
Learn more about EDR and try it out for yourself.
Leave a Reply