Sophos announced enhancements to Sophos Cloud Optix that automate and simplify security incident detection and response across Amazon Web Services (AWS) infrastructure.
“Sorting through and making sense of potentially thousands of user activity events to identify suspicious activity used to be near impossible,” said Scott Barlow, Sophos vice president of global MSP and cloud alliances.
He added, “Sophos is transforming this resource-intensive process, giving security teams the answers they need with the click of a button. Security teams can instantly pinpoint unusual activity – such as actions not previously taken by a user or actions being performed outside of normal business hours, for example – and focus their investigations on the most high-risk alerts with confidence.”
The Sophos Cloud Optix cloud security posture management solution continually analyses AWS CloudTrail to generate a picture of individual user activity with Sophos AI’s new machine learning models.
It visualises AWS CloudTrail events in a simple and complete timeline view of user actions, high-risk anomalies, security and compliance incidents, and remedial recommendations for security teams across all AWS accounts.
Sophos Cloud Optix gives you unrivaled visibility into potentially dangerous blind areas. It protects AWS and other cloud workloads from advanced attacks and cloud environment misconfigurations, and it can be easily managed with Sophos’ whole portfolio of next-generation cybersecurity products and services through the cloud-based Sophos Central platform.
Sophos Cloud Optix integrates with a variety of AWS security services, including the new Amazon Inspector. AWS Security Hub, Amazon GuardDuty, AWS CloudTrail, Amazon Macie, AWS Systems Manager and Patch Manager, AWS Firewall Manager, AWS IAM Access Analyzer, Amazon Detective, and Amazon Elastic File System are all integrated with Sophos Cloud Optix.
Sophos’ unique threat protection, monitoring, and response solution, recognized by AWS as an AWS Level 1 Managed Security Service Provider (MSSP) Competency program partner, addresses crucial market demand for managed security services. The package now available on AWS Marketplace combines automated security and managed threat response 24 hours a day, seven days a week, into a single, comprehensive service. The service integrates cloud security posture management, endpoint, cloud workload, and network security, vulnerability scanning, inventory visibility, and compliance tracking for AWS clients. Organizations also benefit from a specialized Sophos Managed Threat Response security staff that monitors AWS environments and responds to threats and in-progress attacks 24 hours a day, seven days a week.