I’m excited to share that Sophos has acquired Capsule8, a pioneer and market leader of runtime visibility, detection and response for Linux production servers and containers covering both on-premises and cloud workloads.
Sophos already protects more than two million servers for over 85,000 customers worldwide. Comprehensive server protection is a crucial component of any effective cybersecurity strategy. This deal expands our portfolio of Detection and Response Solutions and Services for underprotected server and cloud environments. It’s great news for anyone looking for a strong and lightweight layer of Linux security with strategically important visibility and detection for their servers and containers, and for organizations who want a single vendor for end-user compute and server workloads.
Linux servers: A growing vector of attack
Use of cloud platforms has grown considerably over recent years, and the pandemic further accelerated the move from on-premises servers to cloud-based server workloads. With Linux now the dominant operating system for server workloads, it’s easy to understand why adversaries are adapting and customizing their approach to attack these systems.
SophosLabs threat intelligence reveals that adversaries are designing tactics, techniques and procedures (TTPs) aimed specifically at Linux systems, often exploiting server software as the initial entry point in their attack. Having a strong layer of Linux security is essential in defending against these attacks.
Extending Sophos protection
Our engineering team is already busy planning the integration of Capsule8 technology into our Adaptive Cybersecurity Ecosystem (ACE). We will also feature Capsule8 technology in our Extended Detection and Response (XDR) solutions, Intercept X server protection products, and Sophos Managed Threat Response (MTR) and Rapid Response services.
Capsule8 technology will provide new Linux telemetry and event information, further enhancing Sophos’ data lake with additional context for advanced threat hunting, security operations and customer protection practices. It also strengthens the ability of Sophos MTR operators and customers using Sophos XDR to find and neutralize suspicious activity before it becomes malicious.
The addition of the Capsule8 technologies to the Sophos portfolio is an exciting time for all of us at Sophos and I look forward to sharing further details of the integration later this year.
In the meantime, on behalf of Sophos I’d like to extend a warm welcome to the Capsule8 employees, customers and partners; we’re delighted to be working with you.
For more information, please see our press release.
Do I read this wrong, or is the plan to just implement the EDR and not protection mechanism C8 has with exploit protection and such?
No, it is to implement the protection and integrate into XDR.