Cybersecurity firm Sophos Group plc today launched new third-party security technology compatibilities with its managed detection and response, or MDR, service to provide better detection and remediation of attacks across diverse customer and operating environments.
The new third-party support integrates telemetry from third-party endpoints, firewalls, cloud, identity, email and other security technologies as part of the Sophos Adaptive Cybersecurity Ecosystem. Third-party support in Sophos MDR now includes security telemetry from providers such as Microsoft Corp., CrowdStrike Holdings Inc., Palo Alto Networks Inc., Fortinet Inc., Check Point Software Technologies Ltd., Rapid7 Inc., Amazon Web Services Inc., Google LLC, Okta Inc., Darktrace PLC and many others.
Third-party telemetry in Sophos MDR can be automatically consolidated, correlated and prioritized with insights from the Sophos Adaptive Cybersecurity Ecosystem and the Sophos X-Ops threat intelligence unit. The third-party security integrations have been enabled by technology from Sophos’ acquisition of SOC.OS CyberSecurity Ltd. in April.
The integration leverages bespoke data processing and correlation techniques across the telemetry, allowing the Sophos MDR operations team to understand the who, what, when and how of an attack, enabling threat response across a customer’s entire ecosystem within minutes. The Sophos MDR operations team can also use third-party vendor telemetry to conduct threat hunts and identify attacker behaviors that evaded detection by deployed toolsets.
“As with a shield, cyber risk mitigation technology can aid in defense, yet unless you use that protection to react, the system will eventually fail; a determined attacker will eventually defeat technology alone,” Joe Levy, chief technology and product officer at Sophos, explained in a statement. “Our teams of experts can now detect and remediate threats across a broad range of environments, including complex, multivendor scenarios, before those threats turn into something more damaging, like ransomware or a wide-scale data breach.”
Sophos MDR is customizable with different service tiers and threat response options. Customers can choose between having the Sophos MDR operations team execute full-scale incident response and receiving detailed alert notifications that their own security operations teams manage themselves.
The new service is available now through Sophos’ global channel of reseller partners and managed service providers. Integrations with select third-party security technologies will be generally available at no charge by year-end.