Sophos News

Sophos XDR: Major solution enhancements now available

Sophos XDR provides powerful tools and threat intelligence that enable organizations to detect, investigate, and respond to suspicious activity before active adversaries can impact their systems. With over 40,000 customers already using our XDR capabilities to elevate their defenses, Sophos is an established global leader in extended detection and response.

We are delighted to announce several significant enhancements to Sophos XDR that further accelerate detection and response, including expanded technology integrations that leverage existing security investments and new tools and optimized workflows to investigate threats more efficiently.

Expanded third-party integrations

The more you see, the faster you can act. Sophos XDR users can now leverage telemetry from an even more extensive range of third-party (non-Sophos) security tools, enabling organizations to get more ROI from their existing technology investments while speeding up security operations.

The newly expanded technology partner ecosystem integrations include identity, network, firewall, email, cloud, productivity, and endpoint security technologies. Endpoint and Microsoft integrations are included with Sophos XDR subscriptions at no additional cost.

With Sophos XDR, suspicious signals from both Sophos and non-Sophos products are ingested, filtered, correlated, and prioritized – allowing customers to see more value from their existing tools than with XDR solutions that only use third-party telemetry to enrich endpoint detections.

Network Detection and Response (NDR) is now available for Sophos XDR

Sophos NDR (Network Detection and Response) continuously monitors network traffic to detect a wide range of security risks, including rogue devices, unprotected devices, insider threats, zero-day attacks, and threats involving IoT and OT devices.

Sophos NDR was introduced earlier this year as an optional add-on for the Sophos MDR (Managed Detection and Response) service, and we’re delighted to announce that Sophos NDR is now also available for Sophos XDR for organizations who manage their own detection and response activities.

New and improved case management capabilities

Sophos XDR automatically creates cases based on detections to help organizations prioritize their investigations. In addition to enhancing automatic case creation, new and improved case management capabilities help analysts better manage their investigation workload and collaborate with other team members more efficiently.

Key enhancements include:

New Detections user experience

Sophos XDR identifies suspicious activities that need immediate attention, automatically prioritizing detections across multiple attack surfaces based on risk.

The user experience for Detections has been redesigned in Sophos XDR, providing a clear view of the most critical data at a glance, with convenient access to enrichment pivots and actions to accelerate investigations.

New simplified (SQL-less) XDR search

Investigate and hunt threats at speed. The new XDR search tool enables analysts to quickly find specific data in the Sophos data lake by searching for indicators of compromise and other data such as IP addresses or usernames.

An intuitive search builder, plus free-text and prompted-Lucene options, enables users of all skill levels to find the data they need faster without SQL expertise!

Recognized by industry experts and customers

Sophos XDR continues to garner high praise from customers and industry experts for superior detection, investigation, and response capabilities.

Sophos is one of only ten vendors recognized in the 2023 Gartner Market Guide for XDR, was named a Leader in the G2 Grid for XDR, earned the position as the sole leader in Omdia’s vendor comparison for Comprehensive XDR, and delivered exceptional results in the 2023 MITRE Engenuity ATT&CK Evaluations (Round 5: Turla).

Elevate your defenses against active adversaries

To learn more and explore how Sophos XDR can help your organization better defend against active adversaries, speak with a Sophos adviser or your Sophos partner today.

You can also take it for a test drive in your own environment with a no-obligation 30-day free trial – available from our website or (for existing Sophos customers) directly within the Sophos Central console in just a couple of clicks.
