Changes to Sophos Cloud Optix Standard

Sophos Cloud Optix is available in two licenses, Cloud Optix Advanced and Cloud Optix Standard. Cloud Optix Standard is included in the following Intercept X Advanced for Server licenses:

  • Intercept X Advanced for Server
  • Intercept X Advanced for Server with XDR
  • Intercept X Advanced for Server with MTR Standard
  • Intercept X Advanced for Server with MTR Advanced

 

From 1st June 2022, Cloud Optix Standard customers benefit from a range of new capabilities and changes to the number of environments that may be monitored.


Which features are affected?

Cloud Optix Standard will now include all the major features of Cloud Optix Advanced such as network and IAM visualization, and container image scanning. The changes to feature availability are highlighted in the table below:

Feature

Current Standard

New Standard

Advanced

Cloud environment monitoring:

AWS, Azure, GCP, Kubernetes, IaC and Docker Hub registries

Unlimited

One per provider

Unlimited

Security Monitoring
(CSPM best practice rules)

Daily and on-demand scans

Daily scans

Scheduled, daily and on-demand scans

Asset Inventory

Yes

Yes

Yes

Advanced Search Capabilities

Yes

Yes

Yes

AI-powered Anomaly Detection

Yes

Yes

Yes

SophosLabs Intelix Malicious Traffic Alerts

Yes

Yes

Email Alerts

Yes

Yes

Yes

AWS Native Service Integrations
(Amazon GuardDuty, AWS Security Hub, Amazon Inspector etc.)

Yes

Yes

Yes

Azure Native Service Integrations
(Azure Sentinel and Advisor)

Yes

Yes

Yes

Cloud Workload Protection: Sophos Intercept X Server agent discovery

Yes

Yes

Yes

Cloud Workload Protection: Automatic Sophos Intercept X Server agent removal

Yes

Yes

Yes

Compliance Policies and Reports

CIS Benchmarks

CIS Benchmarks

CIS Benchmarks, ISO 27001, EBU R 143, FEDRAMP FIEC, GDPR, HIPAA, PCI DSS, SOC2, Sophos Best Practices

Custom Policies

 

Yes

Network Visualization

 

Yes

Yes

IAM Visualization

 

Yes

Yes

Spend Monitor

 

Yes

Yes

Alert Management Integrations
(Jira, ServiceNow, Slack, Teams, PagerDuty, Amazon SNS)

 

Yes

Yes

SIEM Integrations
(Splunk, Azure Sentinel)

 

Yes

Yes

Rest API

 

Yes

Yes

Infrastructure-as-Code Template Scanning
(DevSecOps)

 

Yes

Yes

Environment Access Control

 

 

Yes

Container image scanning
(ECR, ACR, Docker Hub, API)

 

Yes

Yes

Sophos XDR integration​*
*Requires Intercept X Advanced for Server with XDR

 

Yes

Yes

How Cloud Optix measures environments

In the same update, the number of cloud provider environments that can be monitored by Cloud Optix Standard will change from multiple environments to one environment per cloud provider. This is defined as: 

  • 1x Amazon Web Services (AWS) account
  • 1x Microsoft Azure (Azure) subscription
  • 1x Google Cloud Platform (GCP) project 
  • 1x Kubernetes cluster 
  • 1x GitHub Infrastructure-as-code repository 
  • 1x BitBucket Infrastructure-as-code repository 
  • 1x Jenkins Infrastructure-as-code environment 

Notes:

  • A customer may onboard multiple Amazon Elastic Container Registries (ECRs) within one AWS account, and multiple Microsoft Azure Container Registries (ACRs) within one Azure account. 
  • Usage of the Cloud Optix API for Container Image and Infrastructure-as-Code (IaC) template scanning is limited to scanning one Container Image/Repository or one IaC template. 

 

When will the change take effect?

The license change will go live for new and existing Cloud Optix Standard subscriptions on the following schedule.

Product

Email communication date

License change date

Cloud Optix

Standard (New Customers and Free Trials)

2 May 2022

1 June 2022

Standard (Existing Customers)

2 May 2022

1 June 2022

Anonymous