New AI Features EAP Now Open

New AI Features EAP Now Open

We are excited to announce the opening of the New AI Features Early Access Program (EAP). Over the next few months, we will be adding many new AI-powered features to the Sophos XDR platform. These features aim to expand and improve analyst efficiency and ability—while enhancing the overall experience of investigating threats.

What AI features are available?

The following features available in the New AI Features EAP.

AI Search for Detections

Enables analysts to query the data lake for detection data using natural language. This removes the barrier of complex SQL syntax, making security data more accessible.

AI Search

For more information about this feature, click here - AI Search for Detections.

AI Case Summary

Leveraging GenAI, this feature analyzes detections associated with a case to provide a summary of what has happened, the entities involved and possible next steps for investigation. AI Case Summary will also determine which MITRE ATT&CK TTPs observed within the case, if any.

 AI Case Summary

AI Command Analysis

This feature uses GenAI to analyze the command line executed by endpoint detections to explain the intent and describe the possible security impact to the environment. If necessary, AI Command Analysis will de-obfuscate code, minimizing the complexity and time needed to assess a detection.

 AI Command Analysis

Note: XDR AI features are available for self-managed cases. When a case is Sophos-managed on behalf of an MDR Essentials or Complete customer, case information can only be modified by the MDR Ops team. 

Currently, English is the only supported language for Sophos XDR AI features. To stay up to date about what features are available in the EAP and how they work, please visit the Sophos Community.

Which Sophos products support AI features?

Customers with licenses for the following Sophos products can access XDR AI Features:

  • Sophos Intercept X Advanced with XDR
  • Sophos Network Detection and Response
  • Sophos MDR Essentials
  • Sophos MDR Complete

How do I join the New AI Features EAP?

 New AI Features EAP

  1. When logged into Central, click on the profile button in the top right corner of the screen and select Early Access Program.
  2. On the Early Access Program page, click the Join button for the New AI Features EAP.
  3. On the next New AI Features screen, click Continue.
  4. Next, check the I accept the Sophos End User Terms of Use checkbox and click the Accept
  5. You are now enrolled in the EAP.

This program does not currently have an expiry date. If you have any questions about AI features or encounter any problems, please visit the New AI Features EAP Discussions Community.

Additional Resources

Parents Comment Children