Sophos Firewall launched Energetic Menace Response in v20, which enabled Sophos MDR and XDR analysts to set off an automatic block response for an lively adversary on the community.
Now, Taegis MDR and XDR clients can even make the most of this functionality, which dramatically reduces response occasions in an lively assault.
The way it works
If an analyst identifies a brand new menace speaking out to a command and management server, or a distant attacker, they will push that compromised area, IP, or URL to Sophos Firewall from the Taegis portal through the Sophos Central backend. The firewall will then begin coordinating a protection instantly and robotically, with out the necessity for handbook intervention or new firewall guidelines.
As you’ll be able to see from this demo, it couldn’t be simpler to instantly block suspicious or malicious community communications:
Response occasions go from hours or days to seconds
As you’ll be able to think about, if a brand new lively assault is found late on a Friday earlier than a protracted weekend, in some other scenario it might take a number of days earlier than somebody can log into their firewall and block the menace.
However with Sophos Firewall and Taegis MDR or XDR, analysts can set off an automatic response inside seconds. That’s a key good thing about the Sophos platform: enabling data and telemetry sharing between merchandise to facilitate an automatic response to lively assaults.
Find out how to get it
In the event you’re not already a Sophos Firewall buyer, get began at present with a free trial and see first-hand how Sophos Firewall can remodel your community safety.
Inquisitive about MDR? Study extra about how Sophos MDR providers mix easy-to-use, AI-driven know-how with world-class safety consultants who monitor, forestall, detect, and reply to threats 24/7.
