Tuesday 18th December 2018
Sophos has expanded it’s Intercept X endpoint protection platform with new endpoint detection and response capabilities that can help organisations better understand and respond to emerging threats.
Sophos Intercept X Advanced with EDR integrates intelligent endpoint detection and response (EDR) with the industry’s top-rated malware detection, top-rated exploit protection, and other unmatched endpoint protection features.
EDR Starts with the Strongest ProtectionTo stop breaches before they start, prevention is crucial. Intercept X consolidates unmatched protection and endpoint detection and response into a single solution. This means that most threats are stopped before they can ever cause damage, and Intercept X Advanced with EDR provides additional cybersecurity assurance with the ability to detect, investigate, and respond to potential security threats.The inclusion of EDR into a consistently top-rated endpoint protection suite enables Intercept X to significantly lighten the EDR workload. The more threats that areprevented, the less noise that is created for security teams to investigate. This means teams can optimise key resources enabling them to focus on the business of IT rather than chasing false positives and an overwhelming volume of alerts.Add Expertise, Not HeadcountIntercept X Advanced with EDR replicates the tasks normally performed by skilled analysts, so organisations can add expertise without having to add staff. Unlike other EDR solutions which rely on highly skilled human analysts to ask questions andinterpret data, Intercept X Advanced with EDR is powered by machine learning and enhanced with curated SophosLabs threat intelligence
Security expertise*: Intercept X Advanced with EDR puts security expertise into the hands of IT by automatically detecting and prioritising potential threats. Using machinelearning, suspicious events are identified and elevated as the most important and in need of immediate attention. Analysts can quickly see where to focus their attentionand understand which machines may be impacted.
Malware expertise: Most organisations rely on malware experts that specialise in reverseengineering to analyse suspicious files. Not only is this approach time consuming and difficult to achieve, but it assumes a level of cybersecurity sophistication which most organisations don’t possess. Intercept X Advanced with EDR offers a better approachby leveraging Deep Learning Malware Analysis which automatically analyses malware in extreme detail, breaking down file attributes and code and comparing them tomillions of other files. Analysts can easily see which attributes and code segments are similar to “known-good” and “known bad” files so they can determine if a file should be blocked or allowed.
Threat intelligence expertise: When Intercept X Advanced with EDR elevates a potentially suspicious file, IT administrators can gather more information by accessing on-demand threat intelligence curated by SophosLabs which receives and processes approximately 400,000 previously unseen malware samples each day. This, and other threat intelligence is collected, aggregated, and summarised for easy analysis. This means that teams that do not have dedicated threat intelligence analysts, or access to expensive and hard to understand threat feeds, can benefit from one of the top cybersecurity research and data science teams in the world.Guided Incident ResponseIntercept X Advanced with EDR allows administrators to answer the tough questions about security incidents by providing visibility into the scope of an attack, how it started, what was impacted, and how to respond. Security teams of all skill levels can quickly understand their security posture thanks to guided investigations which offer suggested next steps, clear visual attack representations, and built-in expertise.When an investigation is concluded, analysts can respond with a click of a button. Rapid response options include the ability to isolate endpoints for immediate remediation, clean and block files, and create forensic snapshots.
Want to keep informed? Sign up to our Newsletter
from Bytes Software Services
from Bytes Security Partnerships