We are very excited to announce the launch of Sophos Intercept X Advanced with EDR, a new Intercept X offering that integrates intelligent endpoint detection and response (EDR) with the industry’s top-rated malware and exploit protection.
When It Comes to Security, Size Does Matter
New research from Sophos has revealed that large enterprises currently benefit disproportionately from EDR. Two in five (40%) of Belgian and Dutch ITDMs have EDR tools as part of their endpoint protection, and this percentage increases with company size. Forty-six per cent of businesses with 500-750 employees have EDR tools as part of existing endpoint protection, compared to just 28 per cent of organisations with fewer than 250 employees. SMEs may also be putting themselves at risk by underestimating the importance of EDR: while overall, seven per cent of Belgian and Dutch businesses think EDR capabilities are unnecessary, when it comes to organisations of fewer than 250 employees, this figure rises to almost one in five companies (18 per cent).
Until now, effective investigation and incident response have only been achievable in organisations with a dedicated Security Operations Center (SOC) or specialized IT security team trained to hunt and analyse cyberattacks. With Sophos Intercept X Advanced with EDR, businesses of all sizes and those with limited resources can add threat tracking and SOC-like capabilities to their security defenses, reducing the time criminal hackers can hide in their network.
With Intercept X Advanced with EDR, IT and security teams can now better navigate the challenges of today’s most complex threats, such as:
- Understanding the scope and impact of security incidents
- Detecting attacks that may have gone unnoticed
- Searching for indicators of compromise across the network
- Prioritizing events for further investigation
- Analyzing files to determine if they’re potentially unwanted or true threats
- Confidently reporting on the organization’s security posture at any given moment
- Answering tough compliance questions in the event of a breach
Vast Opportunities for Cyber Criminals
Currently, the early window of opportunity for cybercriminals is substantial and, once they have gained a foothold, they use multiple attack methods to escalate privileges and advance step by step. Sophos’ research has shown that a third of businesses (34 per cent) take days to months to patch. This is despite the fact that a third of businesses receive more than one patch/upgrade daily. The net result is that endpoints are left exposed and cybercriminals are able to move onto and across the network.
With Intercept X Advanced with EDR, IT managers can see if an attacker is moving laterally, and leverage the anti-ransomware and anti-exploit capabilities in Intercept X, the industry’s most sophisticated endpoint prevention solution. Sophos Intercept X with EDR is integrated with Sophos Central, a cloud-based unified console for managing Sophos’ portfolio of products, allowing end-users and Managed Security Partners to make decisions based on EDR intelligence from a single pane of glass.
With a single click, IT managers can have on-demand access to curated intelligence from SophosLabs, guided investigations into suspicious events, and recommended next steps. To maintain full visibility into the threat landscape, SophosLabs tracks, deconstructs and analyses 400,000 unique and previously unseen malware attacks each day in a constant search for attack novelty and cybercriminal innovation. By providing access to SophosLabs data, IT managers of all skill levels can now benefit from first-responder forensics at their fingertips to best determine if and what types of attacks are happening.
Dan Schiappa, Senior Vice President and General Manager of Products at Sophos, said:
“The sheer volume of malware, frequency of attacks and wide availability of toolkits on the dark web have made EDR capabilities necessary to every business – especially those with limited IT security resources. Sophos is providing the equivalent of a team of global cybersecurity experts and access to the rich knowledgebase SophosLabs has about the reputation of files and other information collected through terabytes of malware analysis. IT managers can now quickly analyze and trace attack pathways without needing to reverse engineer files.”
The Intercept X Advanced with EDR Early Access Program is open for general admission. More than 300 organisations have already registered. To join the program and community, please visit Sophos Early Access Program.
To learn more, download the Intercept X Advanced with EDR datasheet.
About the Research
The research was carried out by Sapio Research using online interviews in August and September 2018 among 151 IT decision makers in Belgian (50) and Dutch (101) companies.