This November brings each the second anniversary and 1,000 buyer milestone for Sophos Community Detection and Response (NDR). Such phenomenal development in two quick years displays the ability of Sophos NDR in addition to rising consciousness of the significance of community detection and response within the safety stack.
Adversaries go to nice lengths to keep away from being detected earlier than they’ll full their assault. However nonetheless good they’re at hiding their tracks, they all the time must cross the community. The excellent news is that with Sophos NDR adversaries merely can’t cover – there isn’t any spot that the answer can’t shine a light-weight on.
Sophos NDR sits deep on the community, monitoring all community visitors from managed and unmanaged gadgets and detecting suspicious actions that will in any other case go unnoticed till it’s too late. Intensive response capabilities allow analysts – each within the Sophos MDR crew and the in-house analysts of our prospects and companions – to shortly examine and neutralize threats.
Watch this quick video to see Sophos NDR in motion stopping a Cobalt Strike assault.
Combining AI and 5 real-time detection engines
Sophos NDR regularly displays your community visitors, utilizing 5 real-time risk detection engines to establish indicators of malicious or suspicious exercise. Leveraging a mix of AI-powered machine studying, superior analytics, and rule-based matching strategies, it identifies threats that usually go undetected till it’s too late, together with:
- Threats on unprotected gadgets like point-of-sale techniques, IoT and OT gadgets, and legacy working techniques
- Rogue property that adversaries exploit to launch assaults
- Insider threats corresponding to delicate information uploads to an offsite location
- Zero-day assaults, and extra
Plus, when mixed with different safety telemetry, Sophos NDR permits risk analysts to color a extra full, correct image of the whole assault path and development, enabling a quicker, extra complete response.
Dive deep with the highly effective Investigation Console
The Sophos NDR Investigation Console deploys on the native community, offering wealthy evaluation instruments to speed up the identification of potential points and threats, together with the timing of occasions, the variety of occurrences, their severity, and their geo places. It additionally permits evaluation of software visitors to establish undesirable or suspicious software exercise and potential information loss incidents, in addition to evaluation of dangerous session information to make sure the community is working effectively and securely.
Acknowledged as a Main Participant
Sophos is acknowledged as a Main Participant within the IDC MarketScape: Worldwide Community Detection and Response 2024 Vendor Evaluation (November 2024, IDC #US51752324). The IDC MarketScape famous that “a robust characteristic that companies profit from when working inside a Sophos devoted ecosystem is Lively Risk Response.” The report additionally famous that “pricing is aggressive for midsize corporations.”
Versatile deployment, most affect
Sophos NDR deploys as a digital equipment on VMware or Microsoft Hyper-V, within the cloud on AWS, or on a variety of licensed {hardware} home equipment.
Licensing is predicated on the variety of customers and servers on the community. There are not any restrictions or further prices to deploy a number of NDR sensors and a single sensor can help as much as 40Gbps of community visitors.
Sophos NDR is accessible with each our managed detection and response service, Sophos MDR, and our self-managed Sophos XDR resolution. Whether or not you need to conduct community detection and response your self or have our crew do it for you, Sophos NDR might help.
Get began in the present day
To be taught extra about Sophos NDR, go to our web site or converse to your Sophos companion or consultant. Present Sophos prospects can even activate a free 30-day trial instantly inside their Sophos Central console.