3 min Security

Sophos expands Intercept X server capabilities with advanced detection

Sophos expands Intercept X server capabilities with advanced detection

Sophos introduces Intercept X for servers with Endpoint Detection and Response: a mouthful that means that Intercept X now offers visibility across the entire IT environment in order to detect and block attacks in time.

Intercept X for servers with Endpoint Detection and Response (EDR) should help companies to stop modern attacks. Central to this is the protection of the server. However, to keep servers secure, this new variant of Intercept X has access to the entire IT environment. Threats that may be living in the background in silence, waiting for an opportune moment to strike, can be neutralized quickly.

Complex attacks

Sophos wants to arm organisations against what it calls blended attacks. The security company understands this to mean advanced attacks, carried out manually on a weakness previously discovered by a bot. For such an attack, hackers take their time. They move around the network, encrypt backups and steal data without anyone’s knowledge.

The new version of Intercept X should deter hackers. In addition to an incredibly long name, Intercept X has extra technology on board for servers with Endpoint Detection and Response to detect such attacks. In concrete terms, IT managers get a picture of their entire IT environment. In it, Intercept X goes in search of threats. If a server is attacked, it is immediately visible where the attack came from, and which devices on the network may have contributed to it.

The EDR functionality is based on deep learning. This has become a common approach in the security world, allowing security solutions to identify malware on the basis of suspicious behaviour or other attributes. In this way, unprecedented threats are correctly identified as risks.

Deep learning

In addition to prevention, analysis and reporting is an important focus of Intercept X. By gaining a good insight into attacks, it is easier to build in sufficient security. Sophos itself is expanding its own database through thousands of network events, providing evolving security that can cope with the latest threats.

Such protection is usually afforded to larger organisations. With Intercept X and EDR, Sophos wants to bring security functionality to organisations of all sizes. In other words, the solution focuses not only on enterprises, but also on kmos.

The security solution also works closely with the Sophos researchers. For example, administrators can ask for help with the analysis of suspicious files from the dashboard. Intercept X for servers with Endpoint Detection and Response can, like the other Sophos solutions, be operated via the clear cloud portal.

Sophos previously rolled out EDR functionality to its Intercept X Advanced solution, specifically for endpoints. Now the focus is on servers.

Related: Sophos expands Intercept X Advanced with detection and response tools

This news article was automatically translated from Dutch to give Techzine.eu a head start. All news articles after September 1, 2019 are written in native English and NOT translated. All our background stories are written in native English as well. For more information read our launch article.