Intercept X Advanced for Server with EDR is now available. With this update, Sophos brings the EDR capabilities from their Endpoint Protection to Windows servers.
Customers can add EDR today to report on their security posture any time, detect attacks that went unnoticed, and understand the scope and impact of security incidents. EDR for servers gives the same capabilities you get with the latest version (1.1) of Intercept X for Endpoint EDR including:
1. Cross-estate threat searching, including PowerShell executions, file names, SHA-256 file hashes, IP addresses, and domains.
2. Advanced on-demand SophosLabs threat intelligence
They can request the latest Sophos Threat intelligence on processes from within the threat cases view. The file will be submitted from the endpoint in question to Sophos Labs for detailed analysis which will be returned within minutes.
3. Forensic data export
Sophos EDR-enabled devices are continually capturing data related to process, file, network and other system activity. When a threat detection occurs, a snapshot file of current activity is created on the disk of the device. This snapshot helps generate the Threat Case in Sophos Central, which attempts to piece together the threat chain of an attack and identify related activities.
Encourage your customers to give it a try– existing customers can start a free trial of Intercept X Advanced for Server with EDR in the free trial section in Sophos Central.
For questions on Sophos Intercept X Advanced for Server with EDR, please reach out to our Sophos Brand Sales Specialist, Mark Freilich, today!