• 8 Oct 2018

    Deep Learning Malware Analysis introduced to Intercept X EDR Early Access Program.

    Feedback when requesting the latest Sophos Threat intelligence on processes from within Threat Cases has been vastly improved with the introduction of Deep Learning Malware Analysis to the Intercept X EDR Early Access Program. This feature automatica...
    • 4 Oct 2018

    EDR Early Access Program Test Guide Available Now

    As testing some of the new Endpoint EDR capabilities can be a bit tricky, Sophos have put together a Test Guide to help demo and test the new capabilities. The Test Guide walks through the scenarios below: The investigation of an existing detection where suspect files are identified in the threat chain which warrant further investigation. A file is submitted to SophosLabs for further analysis, an Item Search across...
    • 17 Sep 2018

    Intercept X with EDR Early Access Program Now Open

    The best just got better. Sophos is pleased to announce that the Intercept X Advanced with EDR Early Access Program is now open. The new Endpoint Detection and Response (EDR) capabilities allow you to take charge of security incidents by answering the tough questions about an event, investigate with deep expertise, and respond with a click of a button. The EAP is open to Central Endpoint Protection Intercept X customers...
    • 13 Sep 2018

    Sophos Endpoint Detection and Response - Private EAP Update

    Thursday, the 13th of September, Sophos plans on launching the next round of capabilities as part of the EDR Private Early Access program. The new capabilities being launched in this part of the Early Access Program are: Respond Capabilities: In the event potential undetected threats have been identified, new respond capabilities can be applied to help contain the threat. Admin-led isolation can restrict the network...
    • 25 Jul 2018

    Using the SDR Exporter

    Demo of SDR Exporter and RCA Threat Case investigation: For the attack to get as far as it did I had to turn off 90% of the Sophos endpoint protections. In the scenario the adversary compromises the endpoint and downloads multiple malware tools, only one of which is caught. The RCA will show both the convicted software and the suspect files downloaded that did not trigger a detection. The SDR Exporter can be used to see...
    • 19 Jul 2018

    Sophos Endpoint Detection and Response - Private Early Access Program

    Sophos are pleased to announce the Endpoint Detection and Response early access program for Central Windows Endpoints. The new Sophos Endpoint Detection and Response capabilities empower admins with deeper insights into the activity on their endpoints to identify and respond to advanced threats. Initially this will be a private early access program before opening up to a public early access program in a few months. If...