19 Jan Sophos XDR: What is it?
Sophos offers an extensive version of Intercept X Advanced for endpoints as well as Intercept X Advanced for Server with the addition of “XDR”. XDR (eXtended Detection and Response) collects and automatically correlates data, not only from endpoints and servers (=EDR) but across multiple Sophos central products like email, cloud workload and XGS firewall. Sophos XDR can help with:
Improved investigation and visibility of what happened during the attack
Intercept X Advanced with XDR significantly enhances the ability to analyze an attack, a process or files by using machine learning-based advanced analytics.
With XDR, you can figure out:
- what really happened after an attack took place
- whether or not a threat has spread onto the network
- what SophosLabs has collected from other Sophos customers about an application
- if there’s still sleeping malware on the network waiting to be activated
- check if there is (sensitive) data stolen
Faster detection and response times
Intercept X Advanced’s advanced search capabilities with XDR make it possible to search for “sleeping threats” in your organization. Sophos uses artificial intelligence and machine learning in its XDR solution for analyzing the collected data. With XDR, Sophos offers the helpful feature of scanning all devices in the company for hash values. This allows you to quickly detect compromised devices, programs or servers in the company.
Do I need Sophos XDR (Xtended Detection and Response)?
YES, you get more visibility and identify and eliminate security vulnerabilities
YES, if you want to investigate the attack and analyze the process in detail! And if you want to know whether there are any more malicious programs on the computers or servers in your company that have simply not been noticed yet.
YES, because of GDPR Compliance requirements. XDR tools are needed when you need to find out or prove after an attack that no data has been stolen. The GDPR (General Data Protection Regulation) clearly states that sensitive data must be protected! Sophos’s EDR capabilities can help you meet compliance requirements and prove whether data has been stolen or not.
Would you like to see the Sophos Central user interface live?
Go to central.sophos.com and use the demo account using the following login details.