Adaptive Attack Protection came to Sophos Endpoint earlier this year, automatically deploying an elevated level of protection if adversary activity is detected on a particular device. Coming soon, the new Critical Attack Warning extends Sophos Endpoint’s context-sensitive defenses with an estate-wide approach that alerts if adversary activity is detected across multiple devices in the customer’s environment.

When the Critical Attack Warning threshold is met, an alert will be sent to all admins in the Sophos Central account to inform them of the situation and provide attack context and details. Customers can respond themselves using Sophos XDR, seek assistance from their partner, or engage the Sophos Incident Response team, all from within Sophos Central

We’re planning to make Critical Attack Warning available to all customers running Sophos Intercept X Advanced and Sophos XDR via a staged roll-out, due to begin later this month.