Hola, my digital chums. To all my American friends, I hope you had a wonderful National Honey Bee Day as well as enjoyed the month-long celebrations of National Hot Dog Month and National Ice Cream Month... (seriously, whatever you guys are on, I want some).
Sophos Central decided to skip having a summer holiday this year to ensure you and all your assets are safe and sound while you sun yourselves and drink Mai Tais by the pool (ain't you a fancy pants).
Ehem... So let's find out what delightful summer treats our Central engineering wizards have been working on!
(Feel free to click on any of the numbered items above to jump straight to any item in particular.)
By General Availability (GA), we mean that this functionality has been released and is ready for you to dive into and start using. Often, new products or features first start out as Early Access Programs (EAP) before they become Generally Available after we've had your insights and feedback, helping us deliver the best possible products.
Thanks to awesome feedback from our community, we've added in the ability to create custom administrative roles for both the Partner and Enterprise interfaces.
Sometimes you want to share responsibility for your security amongst your admins so that you can distribute the workload and control access through segmentation.
Maybe you don't want the frontline helpdesk having access to changing policy and seeing the logging. Perhaps the network team want to own configuration and management of web, email, wireless, and firewall, and the endpoint team want to own endpoint, server, mobile, encryption, and phishing.
It's your call with custom roles. We think they're simple and flexible and we hope you do too!
Want to make sure all the email servers you're sending mail to and receiving email from is always done so with Transport Layer Security (TLS)? We got you, fam.
Just flick on TLS Enforcement, either inbound only, outbound only, or bi-directional, and tell us which domain you want it enforced for (wildcards supported too). S I M P L E SSSSS
EAPs are our way of letting customers get access to upcoming products and features ahead of their release. This month we are launching two new EAPs which customers can join right away and get their hands on our latest innovations before they are released.
Firstly, I need to get something out of my system.
Aaaaaaaaaaaaaaah, much better. This is an EAP I've been exceptionally excited for.
EDR - Endpoint Detection and Response - is one of the hardest activities there is in security. In essence, trying to find the threats that snuck past your defenses and, once found, launching an all-out tactical assault upon them (HADOUKEN!).
Where do you even start?! Staring into an abyss of tables of uncorrelated data and logs, row after row, record after record. Taking a wild stab at a few queries and pounding your head against the keyboard until your forehead looks like a cobblestone road?
Nope, none of that, silly. You just take a look at the Threat Indicators of course!
Threat Indicators are a queue of suspicious items that our machine learning models have detected on your network. Dive into your Threat Analysis Center to see both the dashboard widget as well as a link in the leftnav to the Threat Indicators queue.
Our architecture does not rely on a single machine learning model to find these indicators. Instead, multiple models share their intelligence with each other to provide context - much in the same way that humans correlate information from multiple logs and sources to build a bigger picture.
View the details on an indicator, see what machines it has been found on, whether is has executed (run on the machine), and even submit the indicator to SophosLabs for analysis - a fancy, detailed report on its capabilities and nature will be displayed.
You can even generate a threat case to instantly identify the root cause, showing the chain of events that explains how that threat made it on to the machine in the first place.
This is a feature that will always be constantly tweaked and improved through the use of new and additional machine learning models as we attempt to close the gap and automate the time-consuming (for humans) activity of identifying suspicious events.
Kevin has great coverage of this awesome EAP on the Community blog and even has a link to a fab video demo on Vimeo too! Nice one, Kev.
Email is still one of the most common ways users accidentally (or purposefully) send personally identifiable information (PII) and other forms of sensitive information outside of the company network. GDPR and its giant fines for data loss say hi.
Put a stop to emails with data-leaky body content and attachments, inbound and outbound, with our latest enhancements to our existing content control policies.
Policies are a snap to create using our pre-made Content Control Lists (CCLs) that cover a broad spectrum of data types for PCI, HIPAA and more such as credit card information, social security information, addresses, telephone numbers and healthcare records.
Feel free to create your own CCLs with regex support for easy pattern matching for any type of data (except HTML, you can't parse HTML with regex. Because HTML can't be parsed by regex). The policy wizard guides you through every step of building a quality rule so you won't have to spend ages dwelling through configuration settings.
Reporting looks pretty too!
Richard has posted a really detailed article on our Community blog covering all these new features so make sure you head over and give it a jolly good read!
They say that nothing perfect lasts forever... Here marks the end of yet another What's New in Sophos Central. I'm sure going to miss you all! Aw shucks, who's cutting onions? Quick, cut to the facts!