We are excited to announce that Intercept X for Server Advanced with EDR has been enhanced with powerful cloud visibility features from Cloud Optix.
In addition to even more detail on AWS, Azure and GCP cloud workloads, this integration gives Sophos partners and customers critical insight into their wider cloud environment including security groups, hosts, shared storage, databases, serverless, containers and more.
…
Sophos continues to enhance our new EDRv3 capabilities and over the past week numerous improvements have been introduced:
Role Based Access Controls for the Live Response Beta:
One of the top requests received during the Live Response Beta in the Early Access Program was to give administrators better control over which Central admins can use Live Response and which can manage the Live Response settings.
…For query assistance, please see the following Best Practices guide
The Sophos UK Sales Engineering team has been getting familiar with Live Discover. In their work they explored group policy and provided the following queries:
Deleted security groups -
Variable to specify the number of days to check
Windows
/* Deleted Security Groups */
SELECT
source,
eventid,
CAST(datetime(time, 'unixepoch') AS TEXT) AS 'Change Made',…
Last week SophosLabs published a report about the Glupteba malware. According to SophosLabs, this malware family has been growing in numbers. "This malware, with its hard-to-pronounce name, has been getting regular updates and feature enhancements that seem to be focused on its ability to conceal itself from detection on infected computers.... The core malware is, in essence, a dropper with extensive backdoor functionality, but…
We are thrilled to announce that the latest version of Sophos EDR (endpoint detection and response) is now available to all Intercept X Advanced with EDR and Intercept X Advanced for Server with EDR customers. This release brings powerful new capabilities that enable both IT admins and security analysts to ask detailed IT operations and threat hunting questions across their entire estate. It also provides new functionality …
There have been posts about our exciting new Linux EDR release elsewhere on the forum, but in case you missed them, here they are!
We have had our Live Discover feature available for Linux Servers in our Early Access Program for a couple of months; this will be launching next week. Live Discover allows admins to search their data to answer almost any question they can think of by searching across their servers using SQL…
In the next two weeks we will be fully launching EDR Live Discover for Linux.
The capabilities on Linux are simply astounding. We have been busy creating the prebuilt queries and finishing the last bit of work before this is fully available.
In the video, Ethan Vince-Urwin, one of the core Linux developers who has been building the features we all love, takes the product for a test drive and shows off some of the power…