Site icon Sophos News

Improving threat detection and response in AWS with Sophos XDR

Chasing attacks through cloud environments can be tough if you don’t know what to look out for – and sometimes, even if you do.

That’s why Sophos Cloud Workload Protection with XDR (Extended Detection and Response) now includes new AWS cloud environment data sources, with easy-to-follow queries – which map to key elements of the MITRE ATTA&K IaaS matrix – to help while investigating incidents in AWS.

And it’s all thanks to our latest XDR integration, this time with Cloud Optix: the Sophos Cloud Security Posture Management service.

Enhanced cloud workload protection with XDR

Intercept X Advanced for Server with XDR and Cloud Optix are the backbone of Sophos Cloud Workload Protection.

Sophos Intercept X provides active protections to block the latest advanced threats from compromising hosts, data, and systems, while Sophos Cloud Optix ensures proper configuration of cloud resources and environments to proactively prevent attacks in the first place.

This connected approach is crucial for security controls as organizations deploy more cloud resources and leverage new cloud-native services such as containers and serverless technologies.

Breaking down Sophos XDR for cloud workloads

Extending data sources

Use extended telemetry to detect activity

Investigate and respond to incidents with greater accuracy

Getting started

To get started, you will need Intercept X Advanced for Server or Endpoint with XDR, and Sophos Cloud Optix with AWS CloudTrail enabled.

You can find out more about how Cloud Optix enables IT teams to proactively protect cloud environments at Sophos.com/Cloud-Optix. From there, you can try it for free, buy it in AWS Marketplace, and learn more about Sophos XDR for cloud workloads.

Exit mobile version