MDR service integrates vendor agnostic telemetry

Sophos has introduced Sophos Managed Detection and Response (MDR) with new 'industry-first' threat detection and response capabilities.

Sophos says that it is the first endpoint security provider to integrate vendor agnostic telemetry from third-party security technologies into its MDR offering, providing unprecedented visibility and detection across diverse operating environments. Sophos also introduced the Sophos Marketplace and $1 million Sophos Breach Protection Warranty.

The need for MDR services and specialized defenders has never been greater, as shown in today’s new research, “LockBit 3.0 ‘Black’ Attacks and Leaks Reveal Wormable Capabilities and Tooling,” from Sophos X-Ops, the company’s cross-domain threat intelligence unit. The research analyzes tactics, techniques and procedures (TTPs) used by LockBit, one of today’s most prolific ransomware gangs, that are similar to BlackMatter, and explains how the latest version of the ransomware, LockBit 3.0, adds wormable capabilities and uses legitimate pentesting tools to evade detection.

In a second article, “Detection Tools and Human Analysis Lead to a Security Non-Event,” Sophos X-Ops details a recent Sophos MDR use case involving credential theft, another technique that allows adversaries to impersonate legitimate users. In this case, the Sophos MDR team combined its threat hunting intelligence with information from the customer’s third-party security appliance to thwart an attack.

“The only way to reliably detect and neutralize determined attackers who increasingly combine the use of pentesting tools, stolen credentials and other stealthy tactics to maneuver undetected is with 24x7 eyes on glass, operating on signals from a diversity of event sources and employing actionable threat intelligence into real-time attacker behaviors,” said Joe Levy, chief technology and product officer at Sophos. “Organizations are struggling to keep pace with well-funded adversaries who are continuously innovating and industrializing their ability to evade defensive technologies alone. Sophos MDR can discover and intercept these steps before they result in a data breach, ransomware or other type of costly compromise. Sadly, ransomware persists as one of the greatest cybercrime threats to organizations, as evidenced in the Sophos 2023 Threat Report. We’re raising the industry standard for how critical MDR services can be delivered to broaden visibility for better, faster detection and response.”


Research also shows the inability to prevent bad things from happening as the worst part of a security job with more than a third of respondents unsure they could tell their boards that no adversaries are inside.
Channel partners in EMEA to access scalable application security testing solutions.
A new research report by CSI Ltd looking into the top concerns of cyber security decision makers finds that 78% believe the current cost-of-living crisis will increase the risk of a cyber threat occurring in their organisation. This finding was especially prevalent in the healthcare (84%) and financial services (86%) sectors.
Acronis has announced a three-year partnership with London´s oldest professional football club, Fulham FC. EveryCloud.co.uk will support Acronis as its ‘Strategic #Cyberfit’ delivery partner providing its cutting-edge cyber protection solutions and cloud backup service to the club.
94% of CIOs say extending a DevSecOps culture to more teams is key to accelerating digital transformation and driving faster, more secure software releases.
22% of senior technology decision-makers in the UK identified cybersecurity solutions as the most important factor affecting business transformation.
New product enables organizations to increase observability, consistency and control of machine identities across complex Kubernetes environments.
Civo has published new research, finding that 53% of developers are concerned about the security of Kubernetes.