Sophos is making the use of Endpoint Detection and Response easier than ever and has added the technology—including deep learning—to its Intercept X Endpoint Protection portfolio. Sophos’ deep learning neural network is trained on hundreds of millions of samples to look for suspicious attributes of malicious code to detect never-before-seen threats. It provides broad, expert analysis of potential attacks by comparing the DNA of suspicious files against the malware samples already categorised in SophosLabs.
Until now, effective investigation and incident response have only been achievable in organisations with a dedicated Security Operations Center (SOC) or specialised IT security team trained to hunt and analyse cyber attacks. With Sophos Intercept X Advanced with EDR, businesses of all sizes and those with limited resources can add threat tracking and SOC-like capabilities to their security defences.
EDR provides the equivalent of a team of global IT security experts
With a single click, IT managers have on-demand access to intelligence from SophosLabs, guided investigations into suspicious events, and recommended next steps. To maintain full visibility into the threat landscape, SophosLabs tracks, deconstructs and analyses 400,000 unique and previously unseen malware attacks each day in a constant search for attack novelty and cyber criminal innovation. With access to SophosLabs data, IT managers of all skill levels have first-responder forensics at their fingertips to determine whether attacks are happening and of what type.
Once cyber criminals get a foothold, they use multiple attack methods to escalate privileges and advance step by step. With Intercept X Advanced with EDR, IT managers can see how an attacker is moving and leverage the anti-ransomware and anti-exploit capabilities in Intercept X. Sophos Intercept X with EDR is integrated with Sophos Central, a cloud-based unified console for managing Sophos’ portfolio of products.