Posted by New Delhi: Cybersecurity company Sophos announced Sophos X-Ops – a new cross-operational unit linking SophosLabs, Sophos SecOps and Sophos AI. Sophos X-Ops is an advanced threat response joint task force that aims to help organisations better defend against constantly changing and increasingly complex cyberattacks.
“We’ve unified three globally recognized and mature teams within Sophos to provide this breadth of critical, subject matter and process expertise,” said Joe Levy, CTPO of Sophos.
“Joined together as Sophos X-Ops, they can leverage the strengths of each other, including analysis of worldwide telemetry from more than 500,000 customers, industry-leading threat hunting, response and remediation capabilities, and rigorous artificial intelligence to measurably improve threat detection and response,” added Levy.
Sophos X-Ops leverages the predictive, real-time, real-world, and deeply researched threat intelligence from each group, which, in turn, collaborate to deliver stronger, more innovative protection, detection and response capabilities.
“Effective cybersecurity requires robust collaboration at all levels, both internally and externally; it is the only way to discover, analyze and counter malicious cyber actors at speed at scale. Combining these separate teams into Sophos X-Ops shows that Sophos understands this principle and is acting on it,” said Michael Daniel, President and CEO of Cyber Threat Alliance.
Sophos X-Ops also provides a stronger cross-operational foundation for innovation, an essential component of cybersecurity due to the aggressive advancements in organised cybercrime.
By intertwining the expertise of each group, Sophos is pioneering the concept of artificial intelligence (AI) assisted Security Operations Center (SOC), which anticipates the intentions of security analysts and provides relevant defensive actions.
Sophos believes this approach will dramatically accelerate security workflows and the ability to more quickly detect and respond to novel and priority indicators of compromise.
“The Sophos X-Ops umbrella is a noted example of stealing a page from the cyber miscreants’ tactics by allowing cross-collaboration amongst different internal threat intelligence groups,” said Craig Robinson, IDC Research VP – Security Services.
Sophos today is also issuing “OODA: Sophos X-Ops Takes on Burgeoning SQL Server Attacks,” research about increased attacks against unpatched Microsoft SQL servers and how attackers used a fake downloading site and grey-market remote access tools to distribute multiple ransomware families.
It identified and thwarted the attacks because the unified teams combined their respective knowledge of the incidents, jointly analyzed them, and took action to quickly contain and neutralize the adversaries.