1 May 2022

Sophos Cloud Optix is available in two licenses, Cloud Optix Advanced and Cloud Optix Standard. Cloud Optix Standard is included in the following Intercept X Advanced for Server licenses:

Intercept X Advanced for Server
Intercept X Advanced for Server with XDR
Intercept X Advanced for Server with MTR Standard
Intercept X Advanced for Server with MTR Advanced

From 1st June 2022, Cloud Optix Standard customers benefit from a range of new capabilities and changes to the number of environments that may be monitored.

Which features are affected?

Cloud Optix Standard will now include all the major features of Cloud Optix Advanced such as network and IAM visualization, and container image scanning. The changes to feature availability are highlighted in the table below:

Feature	Current Standard	New Standard	Advanced
Cloud environment monitoring: AWS, Azure, GCP, Kubernetes, IaC and Docker Hub registries	Unlimited	One per provider	Unlimited
Security Monitoring (CSPM best practice rules)	Daily and on-demand scans	Daily scans	Scheduled, daily and on-demand scans
Asset Inventory	Yes	Yes	Yes
Advanced Search Capabilities	Yes	Yes	Yes
AI-powered Anomaly Detection	Yes	Yes	Yes
SophosLabs Intelix Malicious Traffic Alerts		Yes	Yes
Email Alerts	Yes	Yes	Yes
AWS Native Service Integrations (Amazon GuardDuty, AWS Security Hub, Amazon Inspector etc.)	Yes	Yes	Yes
Azure Native Service Integrations (Azure Sentinel and Advisor)	Yes	Yes	Yes
Cloud Workload Protection: Sophos Intercept X Server agent discovery	Yes	Yes	Yes
Cloud Workload Protection: Automatic Sophos Intercept X Server agent removal	Yes	Yes	Yes
Compliance Policies and Reports	CIS Benchmarks	CIS Benchmarks	CIS Benchmarks, ISO 27001, EBU R 143, FEDRAMP FIEC, GDPR, HIPAA, PCI DSS, SOC2, Sophos Best Practices
Custom Policies			Yes
Network Visualization		Yes	Yes
IAM Visualization		Yes	Yes
Spend Monitor		Yes	Yes
Alert Management Integrations (Jira, ServiceNow, Slack, Teams, PagerDuty, Amazon SNS)		Yes	Yes
SIEM Integrations (Splunk, Azure Sentinel)		Yes	Yes
Rest API		Yes	Yes
Infrastructure-as-Code Template Scanning (DevSecOps)		Yes	Yes
Environment Access Control			Yes
Container image scanning (ECR, ACR, Docker Hub, API)		Yes	Yes
Sophos XDR integration* *Requires Intercept X Advanced for Server with XDR		Yes	Yes

How Cloud Optix measures environments

In the same update, the number of cloud provider environments that can be monitored by Cloud Optix Standard will change from multiple environments to one environment per cloud provider. This is defined as:

1x Amazon Web Services (AWS) account
1x Microsoft Azure (Azure) subscription
1x Google Cloud Platform (GCP) project
1x Kubernetes cluster
1x GitHub Infrastructure-as-code repository
1x BitBucket Infrastructure-as-code repository
1x Jenkins Infrastructure-as-code environment

Notes:

A customer may onboard multiple Amazon Elastic Container Registries (ECRs) within one AWS account, and multiple Microsoft Azure Container Registries (ACRs) within one Azure account.
Usage of the Cloud Optix API for Container Image and Infrastructure-as-Code (IaC) template scanning is limited to scanning one Container Image/Repository or one IaC template.

When will the change take effect?

The license change will go live for new and existing Cloud Optix Standard subscriptions on the following schedule.

Product	Email communication date	License change date
Cloud Optix
Standard (New Customers and Free Trials)	2 May 2022	1 June 2022
Standard (Existing Customers)	2 May 2022	1 June 2022

Changes to Sophos Cloud Optix Standard

Which features are affected?

When will the change take effect?