Register Now: Sophos AMA #3: A Look Behind the Curtain at SophosLabs

How do our security operations stave off ransomware and cyberattacks on your behalf?

That's a question we get asked repeatedly by Sophos customers eager to understand the inner workings of our threat intelligence solutions. Our standard (and honest) answer is that Sophos has an army of humans and AI technology behind the scenes, jointly collecting, correlating, and analyzing data in real-time to monitor and stop threats before they attack your systems. 

To embrace transparency and answer that question more fully, we decided to pull back the curtain and take a deep dive into SophosLabs. And we thought an Ask Me Anything session was the best format to take on such a task. In our next AMA, host Andrew Mundell will be joined by James Wilson, Product Director for SophosLabs. James will reveal how human-led research works with artificial intelligence to investigate edge cases, monitor trends, and fine-tune Sophos security products for even better protection. 

Join us on April 21, 2022, at 10 a.m. ET / 15:00 BST, to look at how SophosLabs provides world-leading threat intelligence via SophosLabs Intelix. This is your chance to ask about how our platform provides threat analysis to your favorite Sophos products and how it can be integrated into your security solutions via AWS Marketplace. We'll also look at how SophosLabs processes billions of data points daily to build — and continually adjust — the foundation of our threat intelligence offering.

Best of all, we'll feature a live demo to show how you can proactively stop attackers in their tracks by accessing the intelligence of SophosLabs to deliver critical threat protection and detection security to your applications.

Webinar Details

April 21, 2022 | 10:00 a.m. ET | 15:00 BST | Register Now

Pre-registration is required and allows you to send questions in advance.

Can't make it?

Even if you may not be able to attend any of the live sessions, be sure to still register. We'll send a link to the recording following the presentation.

We hope you can join us!

In Case You Missed It

If you weren't able to attend AMA #1: Threat Hunting with XDR, you can still catch the Q&A here. 

If you weren't able to attend AMA #2: Hacked From Home, you can still catch the Q&A here

Q&A From the Webinar

Question Answer
Has SophosLabs seen any changes to threats since the crisis in Ukraine broke out? We have a dedicated resource center tracking these events. You can find all the information here: https://www.sophos.com/en-us/content/ukraine-crisis-resource-center.
Can Sophos integrate with Office 365 without changing DNS records? Yes! You can find the mail flow details here: https://docs.sophos.com/central/customer/help/en-us/ManageYourProducts/EmailSecurity/SophosMailflow/index.html.
Is Intelix the same as submitting something to Sandstorm on your firewall? Yes, SophosLabs Intelix is the cloud-hosted platform that provides static and dynamic analysis to Sandstorm and other features in the Sophos Products.

Submitting a file to intelix.sophos.com will give you the same reports that you would get if that file is submitted to Sandstorm on the firewall.
What's the lag time between an Intelix decision on a file or URL and a Sophos Central protected agent being able to benefit from that decision? The lag time will vary depending on all the information provided about a particular file or URL. In some cases, it’ll be minutes, while in others, it can be a lot longer.
Where does the Intelix service reside (asking for GDPR purposes)? Intelix.sophos.com resides within the UK. Any files etc. submitted via this Web Portal are submitted to the data center in the UK.

The Intelix service has multiple locations (U.S., U.K., Germany, Japan, and Australia). When using this with our products (firewall, email, etc.), you can select your preferred data center or let Sophos decide where our closest data center is located (based on network latency).

More details can be found in our Information Security Policy located here: https://www.sophos.com/en-us/legal/SophosLabs-information-security-policy.
How long does Intelix typically take to process a file or URL submission? Is it the same infrastructure that processes the automatic submissions from other sources? The infrastructure is designed to handle multiple users in parallel. The static analysis results are typically returned quickly and the dynamic analysis take a few minutes. Similar performance is provided to intelix.sophos.com as to the Sophos products using Intelix.
Will the Intelix website you showed be integrated into Sophos Central? This is being considered within Product Management / Engineering at the moment.