Sophos Marketplace enables integration of third-party technologies for both its Managed Detection & Response program and other solutions from the Sophos cybersecurity ecosystem

Sophos Breach Protection Warranty protects customers up to $1 million
Following the pre-announcement at it-sa 2022, Sophos today announced the general availability of Sophos Managed Detection and Response (MDR) with new industry-first threat detection and response capabilities. Sophos is the first endpoint security vendor to integrate multi-vendor telemetry data from other companies’ security technologies into its MDR offering, enabling unprecedented visibility and detection across diverse operating environments. In conjunction with the new MDR services, Sophos is also introducing its new Sophos Marketplace and Sophos Breach Protection Warranty.

The need for MDR services and specialised defenders has never been greater, according to a new study, “LockBit 3.0 ‘Black’ Attacks and Leaks Reveal Wormable Capabilities and Tooling” by Sophos X-Ops. The research analyses tactics, techniques and procedures (TTPs) used by LockBit, one of the most prevalent ransomware gangs today. Furthermore, the study sheds light on how the latest version of the ransomware adds worm-enabled features and uses legitimate pentesting tools to evade detection.

In a second report, titled “Detection Tools and Human Analysis Lead to a Security Non-Event”, Sophos X-Ops describes a real-world use of Sophos MDR involving credential theft – another technique that allows attackers to impersonate legitimate users. In this case, the Sophos MDR team combined its threat hunting intelligence with information from a third-party security appliance to thwart an attack.

“The only way to reliably shut down increasingly stealthy attackers is with 24/7 monitoring that builds on signals from a variety of event sources and leverages actionable threat intelligence on attacker behaviour in real time,” said Joe Levy, chief technology and product officer at Sophos. “Businesses are struggling to keep up with well-funded attackers who are constantly evolving and industrialising their ability to circumvent defence technologies. Sophos MDR can put a stop to this before it leads to a data breach, ransomware or any other type of costly compromise. Unfortunately, ransomware remains one of the biggest threats to businesses, as the Sophos 2023 Threat Report shows. With our MDR offensive, we are setting new standards for how cybersecurity as a service can be delivered to realise better and faster detection and response.”

Industry-leading managed detection & response includes new Sophos Marketplace
Sophos is the first endpoint security vendor to offer MDR for both its own product portfolio and existing end-user security deployments. To support the channel, Sophos has launched the Sophos Marketplace. This open ecosystem includes more than 75 technology integrations, including Amazon Web Services (AWS), Check Point, CrowdStrike, Darktrace, Fortinet, Google, Microsoft, Okta, Palo Alto Networks, Rapid7 and many others. With enhanced visibility into these integrations and diverse operating environments, Sophos experts can detect and defend against attacks faster and more accurately, regardless of customers’ existing security solutions.
In addition to Sophos MDR, Sophos Marketplace offers third-party integrations for the Sophos portfolio of services, products and technologies. Telemetry data is automatically consolidated, correlated and prioritised with insights from the Sophos Adaptive Cybersecurity Ecosystem and Sophos X-Ops Threat Intelligence Unit.

Advanced security for customers
Sophos is supporting its MDR customers with the new Sophos Breach Protection Warranty. Companies protected by Sophos MDR Complete can cover up to $1 million in response costs if the worst happens. The Breach Protection Warranty is underwritten exclusively by Sophos and covers endpoints (Windows and Mac devices) as well as servers. Unlike competing offerings, there are no ratings or term limits for active customers. This Sophos Breach Protection Warranty is automatically included with all purchases and renewals of Sophos MDR Complete annual subscriptions through the Sophos global partner network.

Availability

More than 13,000 businesses are already using Sophos MDR service, with expert teams detecting, identifying and responding to threats around the clock. The latest offering, with third-party integration capabilities, is available now. The service can be customised with different levels and options for threat response. Customers can choose to have the Sophos MDR team perform a comprehensive incident response, provide support for confirmed threats, or deliver detailed alert notifications that their security operations teams can manage themselves.