All Sophos Managed Threat Response (MTR) customers are invited to participate, at no charge or obligation, in the MDR Integrations Early Access Program (EAP) for enhancements to 3rd party telemetry leveraging our recent acquisitions, SOC.OS and BrainTrace. We would like your feedback on the integration, and your participation will allow us to confirm that a wide range of telemetry acts as expected and that the detections generated across your environment are being appropriately tuned and classified for case creation.
NEW features available during the EAP
MS Graph API Integration
Now generally available for all MTR customers
Provides access to MS Defender, Azure Active Directory and other MS Security Center alerts
Improved Detections dashboard
We are improving the detections display to provide access to detections from Sophos and any configured 3rd party integrations as they become available. Currently this displays all detections in a generic format. We will be adding custom record views in the next few weeks.
Released to EAP
Connector - AWS Security Hub
A new connector that works with the Amazon AWS Security Hub and GuardDuty. More details here: https://community.sophos.com/mdr-community-channel/mtr-connector-eap/b/announcements/posts/enabling-asw-security-hub-guard-duty-in-mdr
Connector - Optix
Enables the Optix detections to be visible in the Sophos Detections list. This easy connector leverages the already available Optix integration. Full instructions here: https://community.sophos.com/mdr-community-channel/mtr-connector-eap/b/announcements/posts/enabling-asw-security-hub-guard-duty-in-mdr
Network Detection and Response
With the acquisition of BrainTrace we are adding an NDR capability to augment your existing network security products. The virtual appliance deploys in your network and monitors for a variety of threats in encrypted and regular traffic.
A version of the Sophos XDR Endpoint that can run alongside competitive Anti-Virus products to provide detection-only information for the XDR data lake and MDR service (no protection features enabled).
Expected in November
Data lake and Detection Search
A new simple search capability is being added to allow administrators to easily and rapidly search for information across the entire data lake and all detections from Sophos and 3rd party integrations.
Coming Soon - Oct 10-15
New 3rd party Integrations
We are adding support for a broad variety of 3rd party security products to collect and process alert and audit information from them. (Email, 3rd party Endpoint protection, Firewall, Identity, Network)
By expanding your threat visibility through a larger ecosystem of security solutions, you enhance your detection context through a single pane of glass, ultimately decreasing the time it takes to detect, investigate, and respond to threats. Participation in the program is an exclusive opportunity to have a direct impact on the services and products you use today, increasing the return on investment in the security solutions you already have. As a participant in the EAP, we encourage your direct participation in the community forum and with the products team to ensure the solutions provided meet your needs.
When Will the Early Access Program Start?
The MDR Integrations EAP is currently OPEN and new features are being added every few weeks.
Where to send questions?
You can post questions directly on the Discussion page for the EAP or email us directly.
Discussion Page: https://community.sophos.com/mdr-community-channel/mtr-connector-eap/f/discussions