Sophos acquires SOC.OS

Sophos has acquired SOC.OS, an innovator of a cloud-based security alert investigation and triage automation solution. The solution consolidates and prioritizes high volumes of security alerts from multiple products and platforms across an organization’s estate, allowing security operations teams to quickly understand and respond to the most urgent cases flagged. SOC.OS launched in 2020 and is a spinout of BAE Systems Digital Intelligence. The company is privately held and based in Milton Keynes, U.K.

With SOC.OS, Sophos plans to advance its Managed Threat Response (MTR) and Extended Detection and Response (XDR) solutions for organizations of all sizes. SOC.OS will also help Sophos expand its Adaptive Cybersecurity Ecosystem, which underpins all of Sophos’ security solutions. This will include providing alerts and events from third-party endpoint, server, firewall, Identity and Access Management (IAM), cloud workload, email, and mobile security products.



According to the Gartner® Market Guide for Extended Detection and Response, Nov. 8, 2021, “To make XDR a long-term investment, (organizations need to) evaluate breadth and depth of ecosystem integration. The easier the XDR can integrate into your existing environment, the better an investment it will be.”



“Sophos MTR is one of the fastest-growing new offerings in the company’s history. We now stand as one of the largest Managed Detection and Response (MDR) operations in the world, delivering superior security outcomes through an MTR service with more than 8,000 customers. The top enhancement request from these customers is ‘better integrations with existing security environments,’ and with the innovative technology from SOC.OS, we will be able to do just that – seamlessly integrate Sophos’ MTR and XDR solutions within their current set of security and IT solutions,” said Joe Levy, chief technology and product officer, Sophos. “SOC.OS will also provide our Adaptive Cybersecurity Ecosystem with a broader set of third-party telemetry, so security analysts have better visibility into important events and alerts. SOC.OS has an impressive list of integrations that will benefit Sophos customers as we continue to expand and develop industry-leading XDR and MDR capabilities. We’re very excited to bring the team and technology from SOC.OS onboard.”



With cyberattacks, such as ransomware, becoming increasingly prevalent and complex, security operations teams are under constant pressure to monitor every aspect of their organization. Between 24/7 threat activity, high volumes of security alerts and false positives, and understaffing, organizations need XDR or MTR, plus a solution from SOC.OS that automatically clusters and triages alerts.



“Alert fatigue and lack of visibility still plague security teams worldwide. Considering this, against the backdrop of constantly changing cyberthreats and a challenging talent landscape, defenders need new and innovative products and services that can help them solve more complex incidents in less time,” said Dave Mareels, chief executive officer and co-founder, SOC.OS. “For many defenders, however, the complexity and cost of traditional security solutions act as barriers to adoption.​ By joining forces with Sophos, we can address these challenges together, head on. The sum is greater than our parts, and by combining our capabilities, we’re positioned to offer truly unique, cost effective and highly accessible products and services to those who need it most, on a global scale.”

New report provides key recommendations to MSPs on how to best grow their cloud businesses.
Access to real-time endpoint data promotes zero-trust security and enhances application performance and reliability across complex integration environments.
Network engineers and CIOs agree that cybersecurity issues represent the biggest risk for organisations that fail to put networks at the heart of digital-transformation plans. According to research commissioned by Opengear, 53% of network engineers and 52% of CIOs polled in the U.S., U.K., France, Germany, and Australia rank cybersecurity among the list of their biggest risks.
Only 1 in 5 employees feel their organisation is very prepared for hybrid working.
Significant 82% rise in short duration DDoS ‘Flood’ attacks, a 297% increase in OpenVPN attacks and a 29% higher risk of a repeat attack within a week.
One of the leading global email cloud security and backup providers adds IT security awareness-building training to its portfolio.
Tight integration of IDaaS into Censornet’s platform elevates its autonomous security capability and gives organisations intelligent affordable control of authentication.
A perfect storm of escalating cyber-attacks and global tech innovation, leaves 61 per cent of Chief Information Security Officers (CISO) only “fairly confident” of managing their current threat exposure.