Sophos has announced an update to Intercept X for Server that adds endpoint detection and response to the software.
The new Sophos endpoint security software allows IT managers at businesses to have visibility across an entire estate of servers. This allows them to proactively detect stealthy attacks and blended threats that merge automation and human hacking skills. This visibility enables the IT managers to better understand the impact of a security incident and report on what did or did not happen.
Sophos Intercept X for Server with endpoint detection and response expands Sophos’ offering of EDR, which is powered by deep learning technology. According to Sophos, its network is trained on hundreds of millions of samples to look for suspicious attributes of malicious code to detect never-before-seen threats.
IT managers using the new Sophos Intercept X also have on-demand access to information from SophosLabs, which includes guided investigations into suspicious events and recommended next steps. SophosLabs tracks, deconstructs and analyzes 400,000 previously unseen malware attacks each day, according to Sophos.
Sophos Intercept X for Server with EDR also enables users to lock down servers to control what can and cannot run on them, and it provides notifications for any unauthorized change attempts.
Endpoint detection and response is a growing market, as organizations have realized external attacks begin at network endpoints. Using EDR systems gives defenders a line of defense that enables them to have more visibility and control of what’s happening at the interface between production systems. Additionally, EDR products respond to a variety of security threats, not just one specific type.
Sophos’ product is similar to products from Carbon Black or CrowdStrike, which are also more cloud-centric. Carbon Black’s EDR product uses predictive models to analyze data and uncover malicious behavior in order to stop malware, ransomware and nonmalware attacks; prevent attacks automatically, both online and offline; and block emerging attacks. CrowdStrike teamed up with Dell Technologies and Secureworks to use its unified endpoint protection platform to create a new endpoint security portfolio specifically for helping midmarket enterprises with emerging threats.
Sophos Intercept X for Server with EDR is available now.