• Endpoint Table and Query Updates for Linux

    Sophos Live Discover provides capabilities for analysts to query data on both the endpoint as well as in the Sophos Data Lake. Queries can be run either ad-hoc or scheduled to run on intervals. We are making updates that will affect some of the exist...
  • Case Public API and Pivot Menu Actions Enhancements

    We’re excited to share new enhancements to cases. The Cases Public API now allows customers and partners the ability to manage cases using their preferred tools. Additionally, we’ve refreshed the pivot menu with new hostname actions and u...
  • Identifying Unpatched Devices with Device Exposure

    Device Exposure in Sophos Central helps customers identify devices that haven’t installed OS patches for 30+ days. These machines may be missing important security updates and vulnerable to attack. By giving customers a simple way to pinpoint d...
  • Updates to Endpoint Data Lake schema

    The Sophos Central Data Lake lets customers search security and compliance data that devices upload to the cloud. We are updating the Data Lake schema to capture new event types and remove older event types. Please note that these changes only apply ...
  • Sophos XDR Enhancements

    Over the last several weeks, many new features have been added to Sophos XDR. Each of these features aim to enhance analyst efficiency and provide better insights when investigating threats. Detections Integration with SophosLabs Intelix So...
  • Sophos XDR: Expanding our defense against active adversaries

    The latest enhancements to the Sophos XDR platform provide even greater power to defend against active adversaries, including configurable suppression rules, public APIs, enhanced Microsoft integrations, and more. Active adversaries are hig...
  • Quickly identify vulnerable endpoints and servers

    Identifying devices that are potentially exposed to threats is critical for managing cybersecurity risk. We’ve recently introduced a new Device Exposure dashboard in the Sophos Central console that provides Sophos XDR and Sophos MDR custom...
  • Increase visibility with integrations

    Active adversaries execute attacks that cross multiple domains across the victim’s environment - the full scope of which cannot be detected by a single point product. Telemetry from multiple sources is needed to provide a more complete view of ...
  • Sophos XDR Public APIs

    Sophos XDR Public APIsExtending our open ecosystem approach, we’ve introduced two new APIs to enable organizations to integrate Sophos XDR data seamlessly into existing security operations tools and workflows.  Customers and partners ...