Sophos has been named a Leader in the Gartner® Magic Quadrant™ for Endpoint Protection Platforms (EPP) for 13 consecutive reports. The secret to this continued (and unsurpassed) leadership is our relentless focus on innovation: we are wholly dedicated to keeping customers ahead of adversaries while aligning their cybersecurity to their business needs.
Over the last few months the team has been busy further extending customers’ defenses and I’m excited to share the latest enhancements to Sophos Intercept X Endpoint and Sophos XDR.
New Anti-Exploit Protections
Exploited vulnerabilities were the most common ransomware attack vector in 2022. Sophos Endpoint already provides the most comprehensive exploit protection available with over 60 mitigations enabled. Our two new protections continue to raise the bar:
- Protect browser cookies used for MFA sign-in (AKA CookieGuard): guards against attackers trying to steal authentication tokens from Chrome or Edge browsers
- Prevent malicious beacons connecting to command-and-control servers (AKA C2 Interceptor): identifies and blocks beacons that attempt to evade detection by remaining encrypted
All Sophos Endpoint exploit mitigations are enabled by default, with no customer configuration required. Sophos customers automatically benefit from these enhancements to their defenses.
Comparison Scores for the Account Health Check
The Account Health Check capability makes it easy for Sophos Endpoint and Server users to optimize their security posture and has already proved hugely popular. We continue to extend this feature, and customers can now compare their own health scores with the average scores of other organizations with a similar number of devices, providing context and motivation for improvement.
In the example below, the customer has an overall score of 49 which is well below the average score of 97. Customers can also compare each of the individual health check scores (e.g., protection installed, policies) to identify where to focus. The drop-down on the right enables users to select their desired comparison cohort.
Sophos XDR Threat Analysis Center Dashboard
The new Sophos XDR Threat Analysis Center Dashboard makes it easier to quickly access actionable data in order to accelerate threat detection, investigation, and response.
All Sophos XDR customers benefit from seven new visualizations (widgets) plus multiple widget views and the ability to interact with each widget in multiple ways to get the deep insights they need. Read the documentation to learn more.
Sophos XDR: NDR Early Access Program
Network Detection and Response (NDR) solutions continuously monitor activity inside the network to detect suspicious activities occurring between devices which may be indicative of attacker activity. It’s an increasingly important part of a security stack because, while advanced attackers are skilled at evading detection and will even delete evidence of their presence, they still need to move across the network to carry out an attack.
Sophos NDR has been a highly popular integration for Sophos MDR since its launch last November, and we’re now bringing it to Sophos XDR. The Early Access Program is now open, enabling all XDR customers to try it for free with GA targeted for November.
Sophos XDR: Detections UX Early Access Program
The new Detections User Experience (UX) is designed to facilitate and accelerate investigation of suspicious alerts, enabling operators to quickly identify malicious activities. It provides a clear view of the most important data for each detection, as well as access to actions that increase investigation efficiencies including pivots and Live Discover queries. The Raw Data tab provides all the telemetry that makes up the detection, which is useful during the more in-depth phase of an investigation. Learn more and join the Early Access Program.
Coming Soon: Critical Attack Warning in Sophos Central
Adaptive Attack Protection came to Sophos Endpoint earlier this year, automatically deploying an elevated level of protection if adversary activity is detected on a particular device. Coming soon, the new Critical Attack Warning extends Sophos Endpoint’s context-sensitive defenses with an estate-wide approach that alerts if adversary activity is detected across multiple devices in the customer’s environment.
When the Critical Attack Warning threshold is met, an alert will be sent to all admins in the Sophos Central account to inform them of the situation and provide attack context and details. Customers can respond themselves using Sophos XDR, seek assistance from their partner, or engage the Sophos Incident Response team, all from within Sophos Central
We’re planning to make Critical Attack Warning available to all customers running Sophos Intercept X Advanced and Sophos XDR via a staged roll-out, due to begin later this month.
Continued Industry Recognition
Sophos Endpoint continues to garner high praise from experts across the industry, and recent recognition includes:
- 100% Total Protection Score and two AAA awards in the SE Labs Q2 Endpoint Protection report. Sophos detected and stopped both commodity, real-world cyberattacks and simulated targeted attacks with 100% accuracy
- Sophos named a Leader by Frost & Sullivan in their inaugural XDR Radar Report
- Sophos awarded Best Endpoint Security in the CRN® Tech Innovator Awards
- Sophos named a Leader in the 2022 Gartner®️ Magic Quadrant™️ for Endpoint Protection Platforms
To learn more about Sophos Endpoint and start a free trial for yourself, visit our website or speak to your Sophos representative or partner.
————
Gartner, Magic Quadrant™ for Endpoint Protection Platforms, Peter Firstbrook, Chris Silva, 31st December 2022
GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, Magic Quadrant is a registered trademark of Gartner, Inc. and/or its affiliates and are used herein with permission. All rights reserved.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
Leave a Reply