Sophos has unveiled live discover and response capabilities for its endpoint detection and response (EDR) solution, according to the cybersecurity company. The new capabilities are available in Sophos' Intercept X Advanced and Intercept X Advanced for Server with EDR offerings.
Organizations can use Sophos EDR live discover capabilities to assess past and present endpoint activity, the company stated. That way, organizations can leverage Sophos EDR to access endpoint activity recordings and perform SQL queries to answer threat hunting and IT questions.
Meanwhile, organizations can use Sophos EDR live response capabilities to remotely respond to and access endpoints and servers via a command line interface, the company indicated. This ensures that organizations can investigate and remediate security issues, reboot devices, install and uninstall software and perform other security processes.
A Closer Look at Sophos EDR
Sophos EDR provides access to threat intelligence from SophosLabs, the company noted. It leverages a deep learning neural network and helps organizations hunt cyber threats and evaluate their IT security.
In addition, Sophos EDR offers exploit prevention to help organizations combat cyberattacks, according to the company. It also provides anti-ransomware protection and detects current and emerging malware.
Sophos EDR supports Windows, MacOS and Linux. Furthermore, Sophos EDR can be managed via the Sophos Central platform and used in combination with Sophos Managed Threat Response (MTR).
Sophos MSP Connect Partner Initiatives
Sophos earlier this week confirmed a company restructuring but the software business continues to focus heavily on cloud-delivered solutions for MSPs and MSSPs.
The developments include in-house R&D along with integrations to third-party MSP tools that provide PSA (professional services automation) and RMM (remote monitoring and management) capabilities.
To wit, Sophos in December 2019 introduced managed detection and response (MDR) and cloud security offerings along with PSA and RMM integrations for its MSP Connect partner program.
MSSPs and MSPs can join MSP Connect to deploy, manage and sell Sophos' IT security services. To date, more than 8,000 global and regional services providers have joined the program.
