We are thrilled to announce that the latest version of Sophos EDR (endpoint detection and response) is now available in Intercept X Advanced with EDR and Intercept X Advanced for Server with EDR. This release brings powerful new capabilities that enable both IT admins and security analysts to ask detailed IT operations and threat hunting questions across their entire estate. It also provides new functionality to remotely respond with precision.
Existing EDR customers will see these new features appear in their Sophos Central consoles throughout June (see below for additional rollout details).
Upgrade your IT security operations
Maintaining proper IT hygiene can be a significant time investment for IT admins. Being able to identify which devices need attention and what action needs to be taken can add another layer of complexity.
With Sophos EDR you can now do just that, quickly and easily. For example:
Hunt and neutralize threats
Tracking down subtle, evasive threats requires a tool capable of detecting even the smallest indicator of compromise.
With this release Sophos EDR is significantly enhancing its threat hunting capabilities. For example:
Introducing Live Discover and Live Response
The features that make asking and answering these vital questions possible are Live Discover and Live Response.
Live Discover allows you to examine your data for almost any question you can think of by searching across endpoints and servers with SQL queries. You can choose from a selection of out-of-the-box queries that can be fully customized to pull the exact information that you need when performing both IT security operations hygiene and threat hunting tasks. Data is stored on-disk for up to 90 days, meaning query response times are fast and efficient.
Live Response is a command line interface that can remotely access devices in order to perform further investigation or take appropriate action. For example:
And it’s all done remotely, so it’s ideal in working situations where you may not have physical access to a device that needs attention.
Try out these powerful new features
From June 23, Intercept X and Intercept X for Server customers, as well as customers with other products managed via Sophos Central who want to try out EDR, can do so immediately within the Sophos Central console by selecting ‘Free Trials’ in the left-hand menu and choosing the ‘Intercept X Advanced with EDR’ or ‘Intercept X Advanced for Server with EDR’ trials.
If you aren’t currently using a product managed via Sophos Central, take a look at Intercept X, which gives you world-class protection against the latest cybersecurity threats in addition to powerful EDR capabilities. Start your free trial today.
Product Rollout Timing
All Sophos EDR customers will automatically see these new features added to their Sophos Central consoles throughout June. Most customers who have participated in the Early Access Program should now have access to the new features. We expect all other customers to get access to the features by June 23rd.
Live Discover is available on Windows and Linux platforms now, with Mac support coming soon. Live Response is available on Windows now, with Linux and Mac support coming soon.