How does Sophos update its own cyber threat information?


I am completing a security questionnaire for a potential client. 

One of the questions asks to provide evidence of the sharing of cyber threat information and how it is integrated into tools that our organization uses. 

Example technologies or guidance for this question include STIX, Alienvault, and Cyber Threat Alliance, the last of which Sophos is a member. 

I have searched the website and documentation but cannot come up with any concrete information that details how Sophos sources or updates the intel that they use to update their lists of known bad IPs, exe files etc. 

Can someone please point me in the direction of some documentation that would support this? Or is that private information? 


Top Replies