Sophos has made two new innovations available. The biggest innovation is SophosLabs Intelix, a cloud-based tool for secure apps. Cloud Optix will also be updated, to simplify cloud security.

SophosLabs Intelix allows developers to make API calls to the cloud platform to assess the risk of files, URLs and IP addresses. Behind Intelix, a system continuously processes petabytes of data for real-time intelligence. In addition, the platform can rely on the knowledge of endpoints and other security solutions within the Sophos portfolio.

The so-called RESTful APIs ensure that developers can upload files directly for static and dynamic analyses. The tool is available via AWS Marketplace.

Three service functions

With Intelix, Sophos provides three services that it insists on:

  • Real-time Look-ups: Create a quick classification with instant access to the latest SophosLabs intelligence by asking for file hashes, URLs, IPs or thumbprints from Android applications. Reputation scores identify bad and good files and those that fall into a grey area.
  • Static file analysis: uses multiple machine learning models, global reputation, deep file scanning without running the file in real time.
  • Dynamic File Analysis: Provides dynamic file analysis and classification capabilities through execution and instrumentation of submitted files in sandboxes, using the latest runtime detection techniques to reveal real behavior of potential threats.

Cloud Optix Enhancements

Together with the launch of SophosLabs Intelix, Cloud Optix cloud security receives a major update. For example, the newly launched Amazon Detective has been expanded with intuitive data on potential threats such as failed login attempts and suspicious API calls in AWS workloads.

Amazon Elastic Kubernetes Service (Amazon EKS) clusters and native Kubernetes implementations are now followed by Cloud Optix, which provides extensive inventory and visualisation of clusters, nods, node pools, pods, containers and more.

Finally, integration with the new AWS Identity and Access Management (IAM) Access Analyser is possible, and security is extended to the network with Sophos UTM support for the new Amazon Virtual Private Cloud (VPC) Ingress Routing.