We are excited to announce the opening of the New XDR Features Early Access Program (EAP). This EAP will be used to give early access to some of the latest and greatest XDR capabilities Sophos currently has in development.
The EAP begins with the introduction of the XDR Sensor which is a new deployment option specifically designed for prospects/customers who are unwilling or unable to replace their existing, non-Sophos endpoint protection platform with the full Sophos Intercept X Advanced with XDR agent but are interested in benefiting from our endpoint detection, investigation, and response capabilities. Common examples of this include:
What Capabilities Does the Sophos XDR Sensor Enable?
The Sophos XDR Sensor operates in a detection and response-only mode, which means it does not provide automated protection/prevention actions. The customer or prospect will continue relying on their existing third-party endpoint protection tool and will benefit from the following capabilities enabled by the Sophos XDR Sensor.
Threat Detection Capabilities:
Threat Investigation Capabilities:
Threat Response Capabilities:
How do I join the New XDR Features EAP:
When logged into Central, click on username at top right of screen → Select ‘Early Access Program’
On the Early Access Program page click to 'Join' the ‘New XDR Features’ EAP:
You are now successfully enrolled in the EAP.
Deploying the XDR Sensor to your devices:
From the Protect Devices page in Central you now have access to the XDR Sensor installer. Download and run this installer on your endpoint device:
Note: The install is only supported on Windows 10 x64 and Windows Server 2016 devices and above. This installer is pre-configured to only install the XDR Sensor and to not run the Competitive Removal Tool so that we don’t interfere with a non-Sophos protection product. You should only install to a device that does not already have Sophos Protection installed.
When the installation completes, you can verify the successful install from Sophos Central where the device will appear like so:
At this stage you can do any testing you would like on the device. With the XDR sensor you can use tools like Live Discover, Live Response, Admin Isolation and suspect activity that can be identified will be highlighted in the Detections/Investigations dashboards. If you encounter any problems, have issues with deploying with any non-Sophos Protection products, notice any performance problems please report to the dedicated XDR Sensor Discussion Community here.
is this EAP still active?? I ask as I dont see it on my Central EAP page where you join / manage EAP's??