Sophos unveiled new third-party integrations with its managed detection and response (MDR) service to improve security capabilities across various client and operational environments.
As a component of the Sophos Adaptive Cybersecurity Ecosystem, the new third-party support incorporates data from third-party endpoints, identity services, firewalls, clouds, email environments and other security solutions.
Telemetry data from various vendors are now available in Sophos MDR. The vendors include Microsoft, CrowdStrike, Palo Alto Networks, Fortinet, Check Point Software, Rapid7, Amazon Web Services, Google, Okta and Darktrace.
The technology of SOC.OS CyberSecurity, which Sophos acquired in April, allowed Sophos to release the new third-party integrations. Sophos MDR can now seamlessly aggregate, correlate, and prioritize third-party data using findings from the Sophos Adaptive Cybersecurity Ecosystem and the Sophos X-Ops threat intelligence unit.
The integration applies proprietary data processing and correlation algorithms across the telemetry data, helping the Sophos MDR operations team recognize the who, what, when, and how of an attack and allowing threat response across a customer’s ecosystem to be delivered in minutes.
The Sophos MDR operations team can also use third-party telemetry data to conduct threat hunts and discover attackers that have eluded detection by the toolsets in place.
Catching problems before they become crises
In a statement, Sophos CTO Joe Levy said that cyber risk mitigation technology is like a shield. It can help you defend, but won’t provide protection unless you actively utilize it to respond to threats. A committed attacker will eventually overcome technology alone.
He added that Sophos’ skilled teams can now identify and remediate attacks before they become more severe. The updates aid companies in various difficult scenarios, including challenging multi-vendor situations such as ransomware or large-scale data breaches.
Sophos MDR can be configured with several service levels and threat response options. Customers can authorize the Sophos MDR operations team to handle full-scale incident response, or opt to receive detailed alerts and manage security themselves.