Sophos, a global provider of cybersecurity as a service, has announced new third-party security technology compatibilities with Sophos Managed Detection and Response (MDR) to better detect and remediate attacks across diverse customer and operating environments. As part of the Sophos Adaptive Cybersecurity Ecosystem, the industry-leading service with over 12,000 customers now integrates telemetry from third-party endpoint, firewall, cloud, identity, email, and other security technologies.
“The complexity of modern operating environments and the velocity of cyberthreats make it increasingly difficult for most organizations to successfully manage detection and response on their own, and the need for always-on security operations has become an imperative,” said Joe Levy, chief technology and product officer at Sophos.
“As with a shield, cyber-risk mitigation technology can aid in defense, yet unless you use that protection to react, the system will eventually fail; a determined attacker will eventually defeat technology alone. Our teams of experts can now detect and remediate threats across a broad range of environments, including complex, multi-vendor scenarios, before those threats turn into something more damaging, like ransomware or a wide scale data breach. MDR is often the difference between defense success and failure in real-world situations.”
Sophos MDR now supports security telemetry from Microsoft, CrowdStrike, Palo Alto Networks, Fortinet, Check Point, Rapid7, Amazon Web Services (AWS), Google, Okta, Darktrace, and many other vendors. With insights from the Sophos Adaptive Cybersecurity Ecosystem and the Sophos X-Ops threat intelligence unit, telemetry can be automatically consolidated, correlated, and prioritized. Sophos MDR’s extensive set of third-party security integrations is made possible by technology acquired by Sophos through SOC.OS in April 2022.
The Sophos MDR operations team is able to quickly understand the who, what, when, and how of an attack by leveraging bespoke data processing and correlation techniques across this broad set of telemetry, and is capable of responding to threats across customers’ entire ecosystems within minutes. Third-party vendor telemetry can also be used by the Sophos MDR operations team to conduct threat hunts and identify attacker behaviors that have eluded detection by deployed toolsets.
“The approach that many cybersecurity technology providers have taken with their Extended Detection and Response, and their resulting MDR offerings, is to focus on integrating only their own proprietary hardware and software products, resulting in a closed and limited ecosystem offering. The challenge of this approach is that attributes of existing IT architectures may not be negotiable, given the realities of commercial contracts, technical debt or IT complexity,” said Frank Dickson, group vice president for IDC’s Security and Trust research practice. “By expanding its MDR offering to include compatibility with third-party cybersecurity products, Sophos is delivering a more technology-agnostic managed service that truly meets customers where they are and the realities they are forced to embrace.”
Sophos MDR can be configured with various service tiers and threat response options. Customers can request that the Sophos MDR operations team perform full-scale incident response, collaborate on confirmed threats, or deliver detailed alert notifications for their security operations teams to manage themselves.
“Sophos is the leading cybersecurity-as-a-service provider because of its focus on compatibility, accessibility and driving tangible business outcomes,” said Jeremy Weiss, executive technology strategist at CDW. “Unlike many MDR services in the market today, you don’t have to make any compromises with Sophos – you can keep the cybersecurity tools you already have in place, choose what level of support you need, and what outcomes you want to achieve. Sophos is setting a new standard for how MDR should be delivered, and I won’t be surprised when other providers follow in its footsteps.”
