Sophos has announced Sophos XDR, an eXtended Detection and Response solution that blends endpoint, server, firewall and email security capabilities.
Organizations can use Sophos XDR to detect and investigate cyber threats across endpoints, servers, firewalls and other data sources, the company said. Sophos XDR captures data flowing into the Sophos Data Lake to help organizations evaluate their security posture and explore ways to improve it.
In addition, Sophos XDR provides access to data stored in the cloud and on devices, the company indicated. Sophos XDR also provides organizations with 30 days of cloud storage in the Sophos Data Lake and up to 90 days of on-device data storage.
Sophos Enhances EDR Solution
Sophos also announced new scheduled queries and customizable contextual pivoting capabilities for Sophos EDR. These capabilities allow security analysts and IT administrators to use Sophos XDR to identify, investigate and respond to security issues faster and more efficiently than ever before, the company stated.
Furthermore, Sophos EDR users can leverage new pre-configured queries and threat intelligence via an integration with the SophosLabs Intelix threat analysis platform, the company said. They also can access seven days of cloud-hosted data (upgradable to 30 days) in the Sophos Data Lake and up to 90 days of on-device data.
Sophos XDR and the upgraded version of Sophos EDR are expected to be generally available on May 19, 2021, via Sophos partners. They can be used in conjunction with the Sophos Central platform.
Introducing the Sophos Adaptive Cybersecurity Ecosystem
Sophos XDR and EDR are part of the new Sophos adaptive cybersecurity ecosystem (ACE), an open security architecture that promotes threat prevention, detection and response, the company said.
Built on a data lake, Sophos ACE combines security insights from Sophos solutions and services with threat intelligence from SophosLabs, Sophos AI and the Sophos Managed Threat Response team, the company noted. It also leverages automation and analytics, along with input from Sophos products, partners, customers, developers and other security industry vendors, to help organizations find ways to stop malicious activity.
Sophos, owned by private equity firm Thoma Bravo, designs its platforms with MSP-centric architectures that typically include multi-tenant capabilities.