• 29 Nov 2019

    Forensic Snapshots can now be uploaded to S3 Buckets

    Sophos EDR enabled devices are continually capturing data related to process, file, network and other system activity. EDR licensed customers have the ability to generate a forensic snapshot on demand where all activity being monitored is packaged up and made available so that customers can do a detailed analysis on this data. In the past, after a forensic snapshot was generated, admins would need to retrieve the snapshot...
    • 5 Nov 2019

    EDR Threat Indicators now Generally Available

    After enhancing the Threat Indicators features since it was made available to Intercept X Advanced with EDR and Intercept X with EDR for Server customers in July, Sophos has now declared the feature Generally Available. Threat Indicators solves the #1 most requested feature for EDR users – knowing where to start an investigation. Now admins will utilize a prioritized list of the most suspicious activity, so they...
    • 17 Jul 2019

    The EDR Threat Indicators feature is now live in Beta

    Customers of Intercept X Advanced with EDR and Intercept X with EDR for Servers will see a new Threat Indicators feature available in their Central Threat Analysis Center. Threat Indicators solves the #1 most requested feature for EDR users – knowing where to start an investigation. Now users will utilize a prioritized list of the most suspicious activity, so they know what needs to be investigated and how urgently...
    • 23 Apr 2019

    Intercept X Advanced with EDR 1.1 now available

    Intercept X Advanced with EDR 1.1 is now available. With this latest update, EDR enabled devices will now start to capture and allow searching for the execution of good admin tools which can be used for malicious purposes. To begin with we’ll be supporting PowerShell executions and will look to add support for new admin tools over time. Analysts now have the ability to track down malicious executions that otherwise...
    • 5 Mar 2019

    Introducing Intercept X for Server with EDR

    All of the tasty EDR goodness you know and love from Intercept X Advanced with EDR is coming soon to Windows Servers. If you want to get a sneak peak see here to get details on joining the early access program.
    • 19 Feb 2019

    Introducing the new Threat Analysis Center

    To simplify the experience when reviewing and analysing Threat Cases we are making changes to where Threat Cases are accessed in Sophos Central. A new Threat Analysis Center can be found in the main Overview section of Sophos Central and this new area will consolidate all Threat Cases across both endpoint and server (and any future device types that might support Threat Cases and EDR capabilities). On February 20th ,...
    • 29 Oct 2018

    New and improved root cause analysis in Intercept X

    We have some exciting news for Intercept X and Intercept X for Server customers. This week we launched a new and improved version of Root Cause Analysis (RCA) for investigations. With this new functionality comes a new name - “Threat Cases”. Threat Cases automatically identify the root cause or sequence of events that led to a potentially malicious file. With the new release, we will also display more intelligence...
    • 20 Jul 2017

    Intercept X Early Access Program - Active Adversary and Deep Learning

    Description This is the first of multiple updates planned during the early access period. In this release we have added multiple protections to the Intercept product to prevent active adversaries form completing their objectives, from Credential Theft Prevention, to protections against new exploit techniques like eternalblue and double pulsar the exploits used in the wanna cry worm. This fall we add Deep Learning...
    • 14 Mar 2017

    Early Access Program Release: CryptoGuard for Disk and Boot Record Protection

    Description Intercept X CryptoGuard technology protects you from ransomware that encrypts your data. Now we are adding boot record and disk wipe protection to further defend your computer against tampering. Try the enhancements now as part of our Early Access Program to provide feedback Eligibility details Intercept X Disk and boot protection is available on Windows 7 and above How to enable the features This...
    • 13 Dec 2016

    Early Access Program Release: CryptoGuard for macOS

    Intercept X CryptoGuard technology is now available for early access program testing on macOS When Intercept X launched for Windows desktops in September, we heard a lot of requests for macOS. We're delighted to announce availability of the Early Access Program of our CryptoGuard anti-ransomware technology for Apple Mac computers. If you're already using Intercept X or have a Sophos Central account for a trial...
    • 1 Dec 2016

    Intercept X mitigates Firefox & Tor Browser Exploit

    Firefox and Tor Browser, make sure you update your browsers. Read up on the latest exploit in the wild . Intercept X already protects you from this exploit (there is no audio for this video) (Please visit the site to view this video)