Announcements

New Detection views

2022-10-19T06:47:00Z

We have been adding the ability to view more detection information both from the Sophos managed devices and from 3rd party integrations. In this update you can now view all detections and manage filters to see just detections that map to a specific M...(read more)

Now available - MS 365 Azure Audit logs and XDR Data lake

2021-12-01T20:28:00Z

For query assistance, please see the following Best Practices guide We have enabled the ability to add the Office 365 Audit log information into the Sophos XDR Data Lake. This capability is available for ALL XDR customers at NO ADDITI...(read more)

XDR Detections EAP

2021-10-20T12:52:00Z

Now with the XDR Detections EAP open folks can see all activity that has been classified to MITRE ATT&CK. The new page is in the Threat Analysis Center and has lots of really great information on what has been observed in your environment. &...(read more)

Winding down of the XDR & EDR Data Lake Early Access Program (Update June 30, 2021)

2021-06-30T14:18:00Z

As previously communicated, from the beginning of June, no new customers are able to enroll into the XDR & EDR Data Lake Endpoint and Server early access programs (EAPs). For customers who were already enrolled, they are no longer able to a...(read more)

Winding down of the XDR & EDR Data Lake Early Access Program (Update June 16, 2021)

2021-06-15T20:00:00Z

Winding down of the XDR & EDR Data Lake Early Access Program

2021-06-04T11:31:00Z

Hello All, With EDRv4 and our new XDR offering having become generally available in mid-May, Sophos will now begin the wind down of the XDR & EDR Data Lake Early Access Programs. At this point we will not be introducing any new functionalit...(read more)

Scheduled Query for automatic report generation (PREVIEW)

2021-04-21T21:58:00Z

With the release of the product we will be adding scheduled query reports. This feature is NOT YET available in the EAP but is coming with the general release in mid May. For those eager to see it before it is complete I have recor...(read more)

EMAIL information now in the data lake

2021-04-21T18:06:00Z

BRIEF Video on EMAIL and the Data Lake. In this video we show the EMAIL Attachment and URL table that is available in the data lake, we also pivot from a URL seen an an email to ask if any endpoint have ever communicated to that URL and if so what pr...(read more)

Intercept X EDR XDR Overview

2021-04-20T21:58:00Z

A 30 min tour of some of the capabilities of Sophos Intercept X with EDR XDR. In this 30 min video I touch on some of the core concepts in the product and explain a bit about how queries work and show some of the features. It by no means covers...(read more)

Generate Threat Case from Live Discovery file path

2021-04-19T22:37:00Z

Often administrators would prefer to see the graphical view of the attack instead of the tables. With a graphical view it is often MUCH easier to understand what was happening and come to a decision is something is malicious or not. To he...(read more)

Update XDR (EMAIL data, Scheduled Reports, Enrichment Pivots)

2021-04-19T20:24:00Z

Lots of new features are going to be enabled on Wed April 21. We are still on track for GA in mid May. Video: (read more)

Pivots and the Depth of information available

2021-04-08T19:29:00Z

We continue to make excellent progress to the intended May release of the Data Lake version of the product. This week I wanted to demonstrate some of the capabilities we have just added around Pivots and the Depth of information available for admins ...(read more)

Frequently asked questions

2021-03-24T20:16:00Z

Welcome to the EDR Data Lake EAP (Early Access Program). How do I learn more In this forum you will find a number of documents, videos, queries and posts explaining the program and if you have any questions you can post them to the discussions area ...(read more)

Technical training on XDR Data lake with Queries used

2021-03-10T16:18:00Z

For query assistance, please see the following Best Practices guide Watch the video from the technical demo where we cover how to use Live Discover datalake queries. https://vimeo.com/519661823 Queries used during SophSkills Demo DATA LAKE...(read more)

Live Discover Pivoting

2021-03-08T08:00:00Z

For those enrolled in the XDR & EDR Data Lake early access program (EAP), this week we will be launching new pivoting capabilities which allow administrators to rapidly navigate from the result of one query to an available Action, Query, or Enric...(read more)