The Account Health Check capability makes it easy for Sophos Endpoint and Server users to optimize their security posture and has already proved hugely popular. We continue to extend this feature, and customers can now compare their own health scores with the average scores of other organizations with a similar number of devices, providing context and motivation for improvement.

In the example below, the customer has an overall score of 49 which is well below the average score of 97. Customers can also compare each of the individual health check scores (e.g., protection installed, policies) to identify where to focus. The drop-down on the right enables users to select their desired comparison cohort.

Sophos Endpoint continues to garner high praise from experts across the industry, and recent recognition includes:

• 100% Total Protection Score and two AAA awards in the SE Labs Q2 Endpoint Protection report. Sophos detected and stopped  both commodity, real-world cyberattacks and simulated targeted attacks with 100% accuracy
• Sophos named a Leader by Frost & Sullivan in their inaugural XDR Radar Report
• Sophos awarded Best Endpoint Security in the CRN® Tech Innovator Awards
• Sophos named a Leader in the 2022 Gartner®️ Magic Quadrant™️ for Endpoint Protection Platforms

To learn more about Sophos Endpoint and start a free trial for yourself, visit our website or speak to your Sophos representative or partner.

Gartner, Magic Quadrant™ for Endpoint Protection Platforms, Peter Firstbrook, Chris Silva, 31st December 2022

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, Magic Quadrant is a registered trademark of Gartner, Inc. and/or its affiliates and are used herein with permission. All rights reserved.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

With tangible ‘readiness’ now a key component for cyber resilience, I’m excited to announce the launch of the Sophos Incident Response Services Retainer. It provides all organizations (whether an existing Sophos customer or not) with speedy access to Sophos’ industry-first fixed-cost incident response service in the event of a breach.

The retainer also includes external vulnerability scanning and critical preparedness guidance, enabling organizations to proactively improve their security resilience by pinpointing and resolving issues that reduce the likelihood of a breach in the first place.

Every Minute Counts

The need for go-to incident response support that can activate immediately has never been higher, as revealed in the latest analysis of Active Adversary behavior by Sophos X-Ops:

• The median dwell time in ransomware attacks fell from nine days in 2022 to five in the first half of 2023
• Attackers take just 16 hours on average to reach Active Directory (AD)
• 90% of ransomware attacks occur outside standard weekday business hours

The Sophos retainer cuts red tape, allowing Sophos incident responders to quickly jump into active cyberattacks to investigate and remediate them, minimizing business impact.

The Importance of Preparedness

Planning and preparedness are complementary elements of an incident response strategy. Having a plan is essential, but you also need to be prepared to implement that plan at short notice – and as the research shows, more likely than not outside standard working hours. The Sophos Incident Response Services Retainer gives you on-demand access to a team of incident response experts that will rapidly stop active attacks and get you back to normal operations.

Reducing Cyber Risk for All Organizations

The Sophos Incident Response Services Retainer is available to non-Sophos organizations as well as customers already using Sophos’ endpoint, XDR, network, email, and other security products, or Sophos MDR Essentials. Endpoint configuration health checks and device audits are also included in the retainer for existing Sophos customers.

Organizations that prefer broader services in one package can purchase Sophos MDR Complete, which automatically includes full-scale incident response.

To learn more about this exciting new service, read the Service Brief and speak to your Sophos representative or partner.

Adaptive Attack Protection came to Sophos Endpoint earlier this year, automatically deploying an elevated level of protection if adversary activity is detected on a particular device. Coming soon, the new Critical Attack Warning extends Sophos Endpoint’s context-sensitive defenses with an estate-wide approach that alerts if adversary activity is detected across multiple devices in the customer’s environment.

When the Critical Attack Warning threshold is met, an alert will be sent to all admins in the Sophos Central account to inform them of the situation and provide attack context and details. Customers can respond themselves using Sophos XDR, seek assistance from their partner, or engage the Sophos Incident Response team, all from within Sophos Central

We’re planning to make Critical Attack Warning available to all customers running Sophos Intercept X Advanced and Sophos XDR via a staged roll-out, due to begin later this month.