Many organizations face critical blind spots in their cyber defenses. In fact, the Sophos State of Ransomware 2025 report found 40% of organizations impacted by ransomware in the last year reported falling victim due to an exposure they were unaware of.

Sophos Managed Risk, now with both internal and external attack surface management, addresses this challenge, providing comprehensive visibility into internal and external weaknesses that could be exploited by threat actors.

“With Sophos Managed Risk, organizations gain an attacker’s-eye view to identify and prioritize remediation of risks before adversaries can exploit them. The solution offers a unified view of both internal and external exposures prioritized by risk and paired with clear remediation guidance,” said Rob Harrison, Senior Vice President, Product Management at Sophos. “This enables organizations to focus their efforts where it matters most, on the most critical vulnerabilities, resolving them rapidly.”

The latest release of Sophos Managed Risk introduces unauthenticated internal scanning, which assesses a system from the perspective of an external attacker without user credentials or privileged access.

This enables organizations to identify and mitigate high-risk vulnerabilities, such as open ports, exposed services and misconfigurations that are accessible and potentially exploitable by attackers.

Features of IASM for Sophos Managed Risk include:

• Comprehensive vulnerability management: Regular automated scanning to identify weaknesses affecting assets within the network.
• AI-powered prioritization: Intelligently determines which vulnerabilities pose the highest risk and need immediate attention, guiding organizations to prioritize their patching and remediation efforts.
• Industry-leading technology: Sophos leverages Tenable Nessus scanners to detect vulnerabilities inside the network and determine their severity.
• The Sophos advantage: Unlike vendors that separate External Attack Surface Management (EASM) and IASM into distinct products, Sophos provides an integrated managed service powered by leading Tenable technology and backed by one of the world’s leading MDR services.

The new IASM capabilities are accessible through Sophos Managed Risk, an extended service with Sophos MDR.

The Sophos Managed Risk team is Tenable-certified and works closely with Sophos MDR to share essential information about zero-days, known vulnerabilities and exposure risks to assess and investigate possibly exploited environments.

IASM for Sophos Managed Risk is available today for all new and existing Sophos Managed risk customers, with no changes to licenses or pricing.

Customers can immediately benefit from the extended coverage by deploying Tenable Nessus scanners and scheduling automated scans in their Sophos Central console.

*Learn more about the new Internal Attack Surface Management capabilities and Sophos Managed Risk, visit Sophos.com/Managed-Risk.

The post Sophos Managed Risk Expands Capabilities with IASM appeared first on Tech | Business | Economy.

This achievement highlights the increasing demand for Sophos’ proactive, expert-led security solutions, which help organizations of all sizes stay protected 24/7 against increasingly sophisticated cyber threats, including the most advanced ransomware, business email compromise (BEC) and phishing attacks.

Sophos MDR offers a comprehensive suite of capabilities that go beyond standard threat containment to include full-scale incident response, such as root cause analysis, the removal of malicious tools or artifacts used by attackers, and investigations across customers’ environments to ensure adversaries are fully ejected to prevent another attack.

What further differentiates Sophos is that these incident response services are included with Sophos MDR on an unlimited basis, meaning customers are not additionally charged and there is no limit on the number of incident response hours.

Sophos MDR Complete also includes a breach protection warranty covering up to $1 million USD in incident response expenses.

Sophos provides flexibility for how customers can work with the MDR analysts, including the ability to pre-authorize them to contain an active threat.

Sophos Investment in MDR and New Features

Sophos has made significant investments into its MDR offering with increased analyst capacity, AI assisted workflows, new features and expanded integrations to help deliver the best possible outcomes through improved protection, detection and investigation of threats.

Sophos has added the following new features:

• Proof of Value: New Sophos MDR service insights to explain the MDR team’s actions including highlighting the human hours spent threat hunting and creating and tuning detections. High-value dashboard enhancements include details of MITRE ATT&CK tactics uncovered in proactive threat hunts conducted by Sophos’ MDR team, MDR analyst coverage, case investigation summaries and an account health check status.
• Enhanced Security for Microsoft Customers: New Sophos-proprietary detections for Microsoft Office 365 identify threats including business email compromise and adversary in the middle account takeover attacks, independent of the customer’s Microsoft license level.
• Expanded Compatibility with Third Parties: This expanded ecosystem of turnkey integrations with third-party cybersecurity and IT tools includes a new Backup and Recovery integration category.
• Proactive Vulnerability Mitigation: Sophos Managed Risk powered by Tenable provides attack surface vulnerability management as a new managed service option for Sophos MDR customers.
• Efficiency and Automation: Sophos MDR has added AI-powered workflows to streamline the operational processes and drive better security outcomes for our customers. This innovation delivers a reduced mean time to respond (MTTR) through more efficient triage, while also ensuring that all legitimate threats are rapidly investigated. This enables analysts to concentrate on other tasks such as threat hunting, account health monitoring and detection engineering.

“Attackers are continuously advancing their tactics to outmanoeuvre traditional security defenses,” said Rob Harrison, senior vice president of product management at Sophos. “Our customers rely on Sophos MDR to help their organizations tackle today’s threats 24/7 with full-scale incident response to remove active adversaries and conduct root cause analysis to identify the underlying issues that led to an incident. We’re consistently evolving our solutions with new offerings and integrations, just like attackers are constantly evolving their tactics, so customers can disrupt threats before they escalate into destructive attacks.”

Better Together: Sophos MDR Integrations

Sophos has invested significantly in third party integrations for its MDR customers to ingest and analyze events and alerts from an even broader range of tools and products, while also expanding propriety detections based on suspicious behaviour identified in Microsoft environments.

This includes:

• A new Backup and Recovery integration pack with Acronis, Rubrik and Veeam integrations to strengthen defenses against ransomware.
• Microsoft Office 365 Management Activity integrations, enabling the ingestion of audit logs and security alerts across the Microsoft ecosystem. More than 9,000 customers have this integration in the Sophos MDR solution.

Sophos MDR Accolades

Sophos MDR has received multiple recognitions and accolades from customers, analysts and media in 2024:

• Sophos named a Leader in the IDC MarketScape: Worldwide Managed Detection and Response (MDR) 2024 Vendor Assessment
• Sophos named a Leader in the IDC MarketScape: European Managed Detection and Response (MDR) Services in 2024 Vendor Assessment.

• Sophos named a Leader in Frost & Sullivan’s 2024 Frost Radar for Global Managed Detection and Response (MDR)
• Sophos MDR declared the Winner of the “Best Managed Detection and Response Service” award in the 2024 SC Awards, and “Best Managed Security Service” award in the 2024 SC Awards Europe
• Sophos named a Gartner Peer Insights Customers’ Choice for MDR Services for the 2nd year in a row
• Sophos MDR named CRN 2024 Products of The Year for Revenue and Profit

The post Sophos MDR Defends 26,000 Customer, Grows by 37% in 2024 appeared first on Tech | Business | Economy.

Sophos, a global leader in innovating and delivering cybersecurity as a service, today launched Sophos Managed Detection and Response (MDR) for Microsoft Defender, a fully-managed offering that provides the industry’s most robust threat response capabilities for organizations using Microsoft Security.

Sophos MDR for Microsoft Defender adds a critical layer of 24/7 protection across the Microsoft Security suite of endpoint, SIEM, identity, cloud, and other solutions to safeguard against data breaches, ransomware and other active adversary cyberattacks.

“Baseline security technology alone is not enough to defeat determined attackers who will find a way in, as evidenced by the cases our incident response team manages. Attackers are extremely persistent, and organizations need a human layer of security to conduct threat hunts, identify attacker behaviors attempting to evade security tools, and respond to stop attacks with speed and precision,”

said Raja Patel, senior vice president of products and managed services at Sophos.

“Rather than forcing them to rip and replace existing technologies, we support organizations with what they need, how and where they need it – regardless of what security solutions they already use. For channel partners delivering Microsoft Security offerings, there’s tremendous opportunity to ensure customers are fully protected and maximizing value from their existing deployments.”

Sophos MDR for Microsoft Defender integrates telemetry from a broad range of Microsoft Security tools. Unlike other MDR offerings that limit support to Microsoft Defender for Endpoint or Microsoft Sentinel and provide minimal threat response capabilities, Sophos MDR fortifies the broader Microsoft Security suite, including:

• Microsoft Defender for Endpoint
• Microsoft Defender for Identity
• Microsoft Defender for Cloud
• Microsoft Defender for Cloud Apps
• Identity Protection (Azure Active Directory)
• Office 365 Security and Compliance Center
• Microsoft Sentinel
• Office 365 Management Activity

Telemetry from these sources is automatically consolidated, correlated and prioritized with insights from the Sophos Adaptive Cybersecurity Ecosystem and the Sophos X-Ops threat intelligence unit of more than 500 security analysts, threat hunters, responders, data scientists, and other specialists across Sophos worldwide.

This enables the Sophos MDR operations team to identify and stop more threats than Microsoft Security tools – or any security technology – can on their own.

“Sixty-five percent of organizations have had a significant ransomware event in the last 12 months despite significant investments in cybersecurity tools, according to IDC research. It is often not a tool but a people problem. Most IT and security teams are generally overworked, understaffed and under resourced. They cannot triage and address the daily deluge of alerts and issues to get the desired protections promised from their current tool investments,”

said Frank Dickson, group vice president for IDC’s Security and Trust research practice.

“For organizations leveraging the Microsoft security stack, Sophos MDR assists those to realize the outcomes hoped for from their existing cybersecurity investments.”

“Our guiding principle is to deliver the best security outcomes possible for our customers. Advancements in technologies like extended detection and response (XDR) and generative AI are driving efficiencies in security operations, but the human element remains a critical component to stopping advanced threats,”

said Kieron Newsham, chief technologist – cyber security at Softcat.

“We’re really pleased with how Sophos MDR is helping our customers overcome the increasing talent shortage and widening skills gap to deliver the best cybersecurity outcomes possible, independent of the customer’s size, structure or previous technology investments.”

Sophos MDR is the most widely used MDR offering with more than 17,000 customers of all sizes and across all industries, and is the top-rated and most reviewed MDR solution on Gartner Peer Insights and G2. It is the only MDR service that can be delivered across end users’ existing third-party security deployments as well as Sophos offerings.

In addition to Microsoft, organizations can also integrate telemetry sources from dozens of other vendors, including Amazon Web Services (AWS), Google, CrowdStrike, Palo Alto Networks, Fortinet, Check Point, Okta, Darktrace, and many others, through the Sophos Marketplace.

Availability

Sophos MDR for Microsoft Defender is available now to all Sophos MDR Essentials customers using security technologies included in Microsoft 365 E3 and E5 licenses.

The customizable offering with different threat response options is available through Sophos’ global channel of reseller partners and Managed Service Providers (MSPs).

The post Sophos Launches Managed Detection and Response (MDR) for Microsoft Defender appeared first on Tech | Business | Economy.

• Defenders Have Less Time to Defend; MDR Services Become Critical Cybersecurity Layer as Attacker Dwell Time Decreases, Says Sophos’ Annual Active Adversary Report

Sophos, a global leader in innovating and delivering cybersecurity as a service, has announced that its industry-first vendor-agnostic Managed Detection and Response (MDR) service has grown its customer base by 33% in the first six months since introducing the service’s ability to ingest and analyze telemetry from third-party security vendors.

Already, Sophos is processing more than 150 million alerts from nearly 30 other security providers.

Sophos has also added a new team of MDR experts in Germany to service the increasing demand in the German and European markets, as well as to support the existing globally located MDR team that monitors and defends organizations 24/7/365.

The service now protects more than 16,000 organizations worldwide and has been doubling in size year-over-year as the industry’s most widely used MDR offering.

MDR services are fast becoming an essential cybersecurity layer as attackers refine their tactics, techniques and procedures (TTPs) to overwhelm defenders. This includes decreasing their dwell time, as evidenced in Sophos’ 2023 Active Adversary Report for Business Leaders report, also announced today. Reduced dwell time indicates attackers are working faster to accomplish their end goal, whether it’s stealing data, deploying ransomware, spying, or perpetrating some other nefarious activity against a target.

Consequently, defenders have less time to respond, from identifying the presence of attackers to neutralizing them.

Analysis of incident response cases shows that median dwell times are dropping significantly – down to 10 days for the first time, and a day less for ransomware cases – and attacks are occurring continuously instead of during off business hours or over the weekend. Just as interesting, there’s no significant difference in dwell time among organizations of different sizes or sectors.

“The adoption of MDR is skyrocketing because organizations need 24×7 teams of experts to simply take over and handle cyberattacks that are executed in less time, change quickly and are more complex in nature. These factors put Sophos in the ideal position to further trailblaze the market,” said Rob Harrison, vice president of product management for security operations solutions at Sophos.

“Since introducing our game-changing ability to ingest, collate and correlate other security vendors’ signals, we’ve already processed more than 150 million non-Sophos alerts from nearly 30 common providers. We’re leading the market in terms of volume, variety and time with unique MDR data from both Sophos and the other security providers. With this advantage of ingesting data from third-party sources, we have broader context, enabling us to make better decisions, defend faster and apply deeper knowledge to new and existing MDR customers.”

The MDR market is gaining momentum as companies scramble to stay one step ahead of rapidly evolving attacks that continue to increase in number, sophistication and complexity while simultaneously trying to manage the cybersecurity talent skills shortage reality. Since its launch in October, Sophos MDR has mirrored that momentum as organizations look to realize secure outcomes and reduce their cybersecurity risk posture from their existing cybersecurity investments. The benefit of Sophos’s technology-agnostic managed service approach is that it meets customers where they are rather than requiring investment in new security tools to achieve an outcome,”

– said Frank Dickson, group vice president for IDC’s Security and Trust research practice.

Sophos MDR successfully reported malicious activity across all 10 MITRE ATT&CK steps in the first-ever independent MITRE Engenuity ATT&CK Evaluation for security service providers.

Sophos MDR was evaluated with 15 vendors, excelling in its ability to detect sophisticated threats with speed and precision.

Sophos was named the only Leader across the G2 Grid Reports for MDR, Extended Detection and Response (XDR) Platforms, Endpoint Detection and Response (EDR), Endpoint Protection Suites, and Firewall Software in the G2 Spring 2023 Reports.

In the Managed Detection and Response (MDR) Services market on Gartner® Peer Insights®, Sophos MDR is the highest rated and most reviewed MDR service with a 4.8 rating across 296 reviews as of April 24, 2023.

The post Sophos’ MDR Service Grows Customer Base by 33% Six months After Launch appeared first on Tech | Business | Economy.

The industry-leading service with more than 12,000 customers now integrates telemetry from third-party endpoint, firewall, cloud, identity, email, and other security technologies as part of the Sophos Adaptive Cybersecurity Ecosystem.

“The complexity of modern operating environments and the velocity of cyberthreats make it increasingly difficult for most organizations to successfully manage detection and response on their own, and the need for always-on security operations has become an imperative,” said Joe Levy, chief technology and product officer at Sophos.

“As with a shield, cyber-risk mitigation technology can aid in defense, yet unless you use that protection to react, the system will eventually fail; a determined attacker will eventually defeat technology alone.

Our teams of experts can now detect and remediate threats across a broad range of environments, including complex, multi-vendor scenarios, before those threats turn into something more damaging, like ransomware or a wide scale data breach. MDR is often the difference between defense success and failure in real-world situations.”

Sophos MDR is now compatible with security telemetry from vendors such as Microsoft, CrowdStrike, Palo Alto Networks, Fortinet, Check Point, Rapid7, Amazon Web Services (AWS), Google, Okta, Darktrace, and many others. Telemetry can be automatically consolidated, correlated and prioritized with insights from the Sophos Adaptive Cybersecurity Ecosystem and the Sophos X-Ops threat intelligence unit. Sophos MDR’s expansive set of third-party security integrations is enabled by technology that Sophos acquired through SOC.OS in April 2022.

Leveraging bespoke data processing and correlation techniques across this broad set of telemetry, the Sophos MDR operations team is able to quickly understand the who, what, when, and how of an attack, and is capable of responding to threats across customers’ entire ecosystems within minutes. The Sophos MDR operations team can also use third-party vendor telemetry to conduct threat hunts and identify attacker behaviors that evaded detection from deployed toolsets.

“The approach that many cybersecurity technology providers have taken with their Extended Detection and Response, and their resulting MDR offerings, is to focus on integrating only their own proprietary hardware and software products, resulting in a closed and limited ecosystem offering. The challenge of this approach is that attributes of existing IT architectures may not be negotiable, given the realities of commercial contracts, technical debt or IT complexity,” said Frank Dickson, group vice president for IDC’s Security and Trust research practice.

“By expanding its MDR offering to include compatibility with third-party cybersecurity products, Sophos is delivering a more technology-agnostic managed service that truly meets customers where they are and the realities they are forced to embrace.”

Sophos MDR is customizable with different service tiers and threat response options. Customers can choose whether to have the Sophos MDR operations team execute full-scale incident response, provide collaborative assistance for confirmed threats, or deliver detailed alert notifications for their security operations teams to manage themselves.

“Sophos is the leading cybersecurity-as-a-service provider because of its focus on compatibility, accessibility and driving tangible business outcomes,” said Jeremy Weiss, executive technology strategist at CDW. “Unlike many MDR services in the market today, you don’t have to make any compromises with Sophos – you can keep the cybersecurity tools you already have in place, choose what level of support you need, and what outcomes you want to achieve. Sophos is setting a new standard for how MDR should be delivered, and I won’t be surprised when other providers follow in its footsteps.”

Availability

Sophos MDR is available now through Sophos’ global channel of reseller partners and Managed Service Providers (MSPs).

Integrations with select third-party security technologies will be generally available at no charge by year end. Customers can also purchase additional integration packs for other compatibility, with pricing based on the number of seats.

The post Sophos Managed Detection and Response (MDR) Service Launches Compatibility with Third-Party Cybersecurity Technologies  appeared first on Tech | Business | Economy.