Sophos Intercept X
Sophos Intercept X employs a comprehensive, defense-in-depth approach to endpoint protection rather than relying on one primary security technique. This layered approach combines modern and traditional techniques to stop the widest range of threats.
Stop Unknown Threats
Deep learning AI in Intercept X excels at detecting and blocking malware even when it hasn’t been seen before. It does this by scrutinizing file attributes from hundreds of millions of samples to identify threats without the need for a signature.
Intercept X includes advanced anti-ransomware capabilities that detect and block the malicious encryption processes used in ransomware attacks. Files that have been encrypted will be rolled back to a safe state, minimizing any impact to business productivity.
Anti-exploit technology stops the exploit techniques that attackers rely on to compromise devices, steal credentials and distribute malware. By stopping the techniques used throughout the attack chain, Intercept X keeps your organization secure against file-less attacks and zero-day exploits.
In addition to powerful modern functionality, Intercept X also utilizes proven traditional techniques. Example features include application lockdown, web control, data loss prevention and signature-based malware detection. This combination of modern and traditional techniques reduces the attack surface, and provides the best defense in depth.
Sophos solutions work better together. For example, Intercept X and XG Firewall will share data to automatically isolate compromised devices while cleanup is performed, then return network access when the threat is neutralized. All without the need for admin intervention.
Stops never-seen-before threats with deep learning AI
Blocks ransomware and rolls back affected files to a safe state
Prevents the exploit techniques used throughout the attack chain
Answers critical IT operations and threat hunting questions with EDR
Provides 24/7/365 security delivered as a fully managed service
Easy to deploy, configure and maintain even in remote working environments
Endpoint Detection and Response (EDR)
Designed for IT admins and cybersecurity specialists, Sophos EDR answers critical IT operations and threat hunting questions. For example, identify devices with performance issues or suspicious processes trying to connect on non-standard ports, then remotely access the device to take remedial actions.
Managed Threat Response (MTR)
24/7/365 threat hunting, detection and response service that’s delivered by a team of Sophos experts. Sophos analysts respond to potential threats, look for indicators of compromise and provide detailed analysis on events including what happened, where, when, how and why.
Intercept X is managed via Sophos Central, the cloud management platform for all Sophos solutions. It’s a single pane of glass for all of your devices and products, making it easy to deploy, configure and manage your environment even in remote working setups.