After enhancing the Threat Indicators feature since it was made available to Intercept X Advanced with EDR and Intercept X with EDR for Server customers in July, Sophos has now declared the feature Generally Available.
Threat Indicators delivers the #1 most requested feature for EDR users – knowing where to start an investigation. Admins now get a prioritized list of the most suspicious activity, so they know what needs to be investigated and how urgently it needs to be addressed. Admins will see the most suspicious undetected files based on their suspicion level, when the file was first seen, how many machines are impacted, and whether the file has executed or not.
Since the launch of the Beta in July, customers will now notice:
The list of suspicious activity is generated using machine learning technology built by the SophosLabs Data Science team.