Now with the XDR Detections EAP open folks can see all activity that has been classified to MITRE ATT&CK. The new page is in the Threat Analysis Center and has lots of really great information on what has been observed in your environment. &...

This EAP is a persistent program where you can subscribe to the latest and greatest new features and fixes. Participants are encouraged to try out these features and provide feedback to or development team to help improve the product.  Improveme...

Hi all, HTTPS inspection is being enabled by default for devices in the EAP now that the roll out has finished, (both Endpoint and Server). When users visit websites via browsers the Sophos endpoint will decrypt HTTPS network traffic for the pur...

We are excited to announce the opening of the Detections and Investigations Early Access Program (EAP).  The EAP begins with the introduction of the Detections dashboard which provides a prioritized list of suspicious activity for further invest...

For query assistance, please see the following Best Practices guide With XDR we have access to the OSQuery supported tables and the ability to write our own SQL queries that can include variables.  One of the tables available is a YAR...

Hi Community, On behalf of the team, we would like to thank everyone who participated in our Apple M1 (ARM) Early Access Program, especially those who took the time to share their feedback. With Apple M1 (ARM) now officially supported,...

Over the past few weeks and coming weeks we have/will release some new Intercept X Advanced with XDR features that I wanted to make everyone aware of. Live Discover Customer Defined Enrichments: Customers can now define their own Live Discover data e...

Just a quick note to say that all of Season 2 is now available at the on-demand page, for you to review and please share with colleagues! https://events.sophos.com/sophosthreathuntingacademy2  We have one more video to come which will...

Having attended the series, to become a Sophos XDR Certified Admin, you now just need to take a short test to validate your knowledge. Completion of this (the pass mark is 80%) will automatically send over your certificate, which you can print out an...

Hi all, On July 22nd we launch our Server Protection anti-virus plugin for all customers, so you can now run on-demand scans of your Linux servers. This update will provide the following features and functionality: Next generation threat detect...

For the typical Central administrator using Live Discover, often times you are just looking to run a pre-canned query to get results as quick and easy as possible so we've made some changes in Central to help simplify using Live Discover for those ad...

I really enjoyed today's session - I hope you did too! Really interesting content from Brandon, and great to see the power of Firewall and Server working together. There's a number of good Threat Simulation platforms as we discussed in today&...

Great sessions this week - thanks to all of you for joining in with the conversations. Here's some of the areas Ben covered in his session, and the resources that you might want to explore further... As mentioned in our discussions it's ofte...

Great to see so many of you on the sessions today - thanks for tuning in and getting stuck into the interactive side. It's really good knowing we have so many keen threat hunters out there! Here's a collection of resources from Ashek - please do let ...

We're less than 2 days out from kicking off the next season of the Sophos Threat Hunting Academy, and I for one can't wait to get started! We have some much we want to share with you this time round, and the power you can add to your threat hunting w...

In May, we achieved a few significant strategic milestones in our product roadmap.  This included advancements in our EDR offering, the introduction of the Sophos Data Lake, and the launch of Extended Detection and Response (XDR) with integrati...

As previously communicated, from the beginning of June, no new customers are able to enroll into the XDR & EDR Data Lake Endpoint and Server early access programs (EAPs).  For customers who were already enrolled, they are no longer able to a...

Click to view the Japanese version: Intercept X Advanced with EDR のアップデート With the launch of EDR 4.0 in May, Sophos has introduced significant enhancements to the Endpoint Detection and Response (EDR) offering.  A key new EDR component is the S...

I have some very exciting news - the Sophos Threat Hunting Academy is back! We're all so excited about getting to do this again, and can't wait to get started! Starting 14th July, we have 4 new live and interactive sessions for you, this ti...

On June 24 we will release support for ARM64 devices running Windows 10 The latest Windows  installer (v1.11) will detect ARM64 devices and install Intercept X Advanced. Installations attempted with earlier versions of the instal...

Hi guys, We are running a new UX Research Project to understand better what types of Orientation Information is most important to our users regarding Indicators of Compromise (IOCs). If you are interested and would like to help with this project, we ...

As previously communicated, from the beginning of June, no new customers are able to enroll into the XDR & EDR Data Lake Endpoint and Server early access programs (EAPs).  For customers who were already enrolled, they are no longer able to a...

Hi all, We have some exciting changes coming to the Endpoint/Server Protection and EDR Features Early Access Program over the next few weeks. One of the biggest changes is the decrypt and re-encrypt of HTTPS traffic between the browser and the w...

Hello All, With EDRv4 and our new XDR offering having become generally available in mid-May, Sophos will now begin the wind down of the XDR & EDR Data Lake Early Access Programs.  At this point we will not be introducing any new functionalit...