Cloud Optix Container Security

The latest release of Sophos Cloud Optix features a range of exciting enhancements, including container image scanning to prevent off-the-shelf container images from public registries from introducing operating system vulnerabilities into production environments, new automated remediation abilities to prevent security misconfigurations in cloud environments, and much more. A breakdown of the latest enhancements is available below:

  • Container Image Scanning: Sophos Cloud Optix can now scan container images for vulnerabilities to prevent threats from being introduced into your production environment. It can scan container images from Amazon Elastic Container Registry (ECR), Microsoft Azure Container Registry (ACR), Docker Hub registries, and IaC environments (Bitbucket and GitHub). You can also submit images for scanning via API, to integrate with your build pipeline.

    Find out more at: https://docs.sophos.com/pcg/optix/help/en-us/pcg/optix/concepts/ContainerImages.html



  • Webhooks: You can now use webhooks to integrate with systems for remediation, reporting, and other functions. Sophos Cloud Optix provides native integration for a variety of systems, for example Jira, Slack, Teams, and so on. If you're using a different system, or want to trigger your own remediation functions, you can use webhooks to send alerts to an HTTP endpoint in your environment.

    Find out more at: https://docs.sophos.com/pcg/optix/help/en-us/pcg/optix/concepts/IntegrateWebhooks.htm

  • 'Operational Status' enhancements: On the 'Environments' page, for each AWS, Azure and GCP environment, you can now see the operational status of Flow Log ingestion and Activity Log ingestion.

  • 'Unused' Azure NSG filter enhancement: In the inventory (Azure Network Security Groups page), the 'Unused' filter now considers the following additional Azure services that Security Groups can be assigned to, in addition to VMs: SQL Server, DB Server, CosmosDB, App Service, Function App, Storage Account.

  • New date range filter: The date range selector on key screens in the Cloud Optix console, including Dashboard, Alerts and Activity logs, has been replaced with a new, more flexible selector. Choose from a range of 'commonly used' date range options, or select a custom date range using the calendar.

  • Compliance policy tags for alerts: Security monitoring alerts from compliance policy rules have an associated 'Compliance Tag' to identify the policies that the rule belongs to. Compliance tags are now included on the Alert details popup modal. You can also now link directly from the alerts list to a policy details page, by clicking on a compliance tag in the list.

For a recap on all recent additions to Sophos Cloud Optix, visit https://optix.sophos.com/releasenotes/ 

New customers can sign up for a 30-day free trial of Sophos Cloud Optix here: https://www.sophos.com/cloud-optix