According to the report, Sophos XDR detected 100% of the adversary behaviours in attack scenarios targeting Windows and Linux platforms, mimicking malware strains from ruthless ransomware-as-a-service gangs LockBit and CL0P.

Further, all of Sophos’ responses to these ransomware attack scenarios were marked “technique” – the highest possible rating that denotes who, what, when, where, why and how attacks were carried out.

Sophos XDR achieved:

• ‘Analytic coverage’ ratings for 99% of sub-steps (79 out of 80) across three comprehensive attack scenarios
• Highest possible (‘Technique’) ratings for 98% of sub-steps (78 out of 80)
• Highest possible (‘Technique’) ratings for 100% of sub-steps in the Windows and Linux ransomware attack scenarios

“Attackers are relentless to innovate techniques to bypass trusted security defenses. This assessment from MITRE helps security buyers evaluate the effectiveness against today’s threats,” said Simon Reed, chief research and scientific officer at Sophos. “Sophos is committed to transparency and conducting third party measurement to help security buyers make informed decisions to strengthen their security posture. We’re proud of Sophos XDR’s ongoing excellence both in industry testing and real-world frontline defenses. We’re consistently evolving our solutions, just like attackers are constantly evolving their tactics, so our customers can stop known and unknown threats before they escalate into destructive attacks.”

MITRE ATT&CK Evaluations are among the world’s most respected independent security tests. This round of MITRE ATT&CK Evaluations: Enterprise evaluated the abilities of 19 vendors in detecting and analyzing attack tactics, techniques, and procedures (TTPs) leveraged by real-world adversarial groups.

In this cycle, MITRE also expanded ATT&CK Evaluations to include macOS attacks emulating tactics from the Democratic People’s Republic of Korea – where 19 out of 21 Sophos XDR detections were also categorized as “technique” – the highest possible rating.

Sophos XDR combines active adversary mitigations – including industry-first Adaptive Attack Protection that immediately activates heightened defenses when a hands-on-keyboard attack is detected, stopping the attack and providing defenders valuable additional time to respond; anti-ransomware technology; deep learning artificial intelligence; and exploit prevention to prevent and stop attacks.

It is powered by Sophos X-Ops threat intelligence, a cross-operational task force of more than 500 security experts within SophosLabs, Sophos SecOps, and SophosAI.

[Disclaimer: MITRE does not rank or rate participants]

The post Sophos XDR Excels in MITRE ATT&CK Evaluations – Enterprise appeared first on Tech | Business | Economy.

Sophos Endpoint defends more than 300,000 organizations worldwide against advanced attacks with anti-ransomware, anti-exploitation, behavioural analysis, and other technologies that stop threats before they escalate.

In the report, IDC applauds Sophos Endpoint for including “a more expansive set of protection technologies (host-based firewall and IDS/IPS, device control, DLP, and encryption) as standard features in its endpoint security offering.”

In addition, “in the discipline of systematically strengthening customers’ security posture, Sophos has a strong set of features in customer security advisory recently enhanced with an account health-checking feature (detecting and remediating security configuration drift).”

The report also praises Sophos for adding “several new capabilities: adaptive attack protection, critical attack warning and data protection and recovery” to further mitigate risks.

With an extensive and expanding range of integrated capabilities spanning protection, detection, response, and recovery, Sophos Endpoint seamlessly integrates with other vendors’ and Sophos products including Sophos Managed Detection and Response (MDR), the most widely used MDR offering.

Sophos Endpoint is also the foundation for Sophos Extended Detection and Response (XDR) and Sophos Endpoint Detection and Response capabilities (EDR).

“We’ve strategically engineered our products and services to work together and with third-party systems to create comprehensive, preventive and highly actionable defenses,” said Rob Harrison, senior vice president of product management at Sophos. “We’re also committed to innovation, which is critical for consistent protection against aggressive and determined cybercriminals. Sophos Endpoint protections, specifically Sophos Intercept X, continue to be recognized as industry-leading, which reflects our innovative approach to developing defenses against the latest and anticipated attacker tactics, techniques and procedures, including the recent increase in the deliberate use of remote ransomware to evade detection.”

“Adaptive attack protection, introduced in early 2023, is a demonstration of Sophos’ means to disrupt hands-on-keyboard attackers while minimizing potential disruption to legitimate operations. Tuned to detect attackers pivoting to more aggressive tactics, protection sensitivity is automatically elevated to prevent damage. Once the malicious activity is no longer present, normal protections are automatically reestablished. Sophos critical attack warning alerts security personnel when immediate attack responses are necessary. Responses, estate wide if warranted, can be orchestrated through Sophos MDR, incident response (IR) or XDR. The prevalence of ransomware attacks compels organizations to be prepared to recover,” said the IDC report.

“With their professional and managed security services, expanded product set, and ability to integrate with existing security investments, it’s clear that Sophos understands the needs and challenges of a midsize business,” said Michael Suby, research vice president, Security & Trust, IDC. “Sophos’s comprehensive approach from prevention through recovery places Sophos on the shortlist of midsize businesses looking for an established and effective partner for security.”

Managed in the cloud-native Sophos Central platform, Sophos’ portfolio solutions are part of the Sophos Adaptive Cybersecurity Ecosystem, where security data is collected, correlated and enriched with additional context to enable automatic and synchronized responses to active threats.

This platform is further optimized by Sophos X-Ops threat intelligence, a cross-operational task force of more than 500 security experts within SophosLabs, Sophos SecOps and SophosAI.

The post Sophos Named a Leader in the 2024 IDC MarketScape for Worldwide Modern Endpoint Security appeared first on Tech | Business | Economy.