Sophos NDR monitors activity deep inside the network for suspicious and malicious traffic patterns that could signal an attack and detects a wide range of security risks, including rogue and unprotected devices, insider threats, undetected zero-day attacks, and threats targeting internet of things (IoT) and operational technology (OT).
Sophos has introduced several new solutions that advance critical defenses against active adversaries. Sophos exposes how these active adversaries are now carrying out ransomware “fast” attacks in mere hours in “The 2023 Active Adversary Report for Security Practitioners” also published today.
The Sophos X-Ops report showcases the forensics of fast smash-and-grab ransomware attacks and the precise tactics, techniques and procedures (TTPs) attackers are using to operate in this new high-speed attack mode – including preferred living-off-the-land binaries (LOLBins) and other tools and behaviors that get them close to crucial resources that they want to exploit. This evidence in the report and detailed explanations of how certain attacks unfold demonstrates the need for regularly adapted security solutions to protect, detect and disrupt intrusions as fast as possible on the attack chain.
“In the face of fast-moving adversaries who are continuously evolving their TTPs – and often blend the use of legitimate tools – to execute multistage attacks, cybersecurity defenses need to be dynamic and foresightful. Sophos is taking a proactive, protection-first approach to stopping threats at the front door before they escalate. We’re evolving products with industry-first security capabilities that are powered by Sophos X-Ops’ deep threat intelligence from more than half a million organizations globally to identify and counter threats at speed and scale,” said Raja Patel, Chief Product Officer, Sophos.
New Sophos Firewall v20 software with Active Threat Response automatically shuts down attacks and blocks active adversaries from entering networks, all without having to add firewall rules. This new version of Sophos Firewall software also includes an integrated Zero Trust Network Access (ZTNA) gateway that makes it easy for organizations to provide modern secure remote access to applications behind the firewall; network scalability enhancements to support distributed enterprises; and ease of use management enhancements. Sophos Network Detection and Response (NDR) with Extended Detection and Response (XDR): Sophos NDR is now available for Sophos XDR and Sophos Managed Detection and Response (MDR) customers to extend their threat detection capabilities to the network.
“As attackers speed up their attack timelines, one of the best things organizations can do is increase friction whenever possible; in other words, if their systems are well maintained, attackers must do more to subvert them. That takes time and increases the detection window. Robust, layered defenses create more friction, increasing the skill level the attacker needs to bring to the table. Many simply won’t have what it takes and will move on to easier targets,” said John Shier, Field Chief Technology Officer, Sophos.
“These new cutting-edge innovations empower us as an MSP to take a more proactive approach in locking the doors and standing up adaptive and customizable protections throughout our customers’ varied estates to keep determined attackers at bay. Sophos is continuously updating its technology portfolio to protect against changing threats, and, as a result, we’re extremely confident in our ability to detect and respond to threats early on before they cause any damage,” said Sam Heard, President, Data Integrity Services.
The new Sophos Firewall software is available for immediate purchase exclusively through Sophos’ global channel of partners and managed service providers (MSPs), and as a complimentary upgrade for all licensed firewall customers. New Sophos NDR and XDR third-party integration packs will also be available by the end of November. Organizations can also leverage Sophos MDR as a comprehensive service to detect and respond to threats.
