Security News > 2021 > May > Sophos XDR: Threat hunting through the entire security ecosystem
Sophos' Rapid Response team had, among other things, the new Sophos XDR solution at their disposal - an industry-first extended detection and response solution that synchronizes native endpoint, server, firewall, and email security.
Sophos XDR gathers relevant sensory information from the organization's entire IT environment and security ecosystem and allows threat hunters to view the complete picture and detect and inspect clues that may otherwise go unnoticed.
The solution relies on the industry's richest data set: Sophos's cloud-based data lake, which hosts critical information collected from Intercept X, Intercept X for Server, Sophos Firewall, and Sophos Email.
"Within that data lake, we enrich the collected data with threat intelligence, and we're able to run AI models against that data to drive detections, as well as some automation. We deliver that information to security operators and practitioners, and we do that through a language we call Live Query," Dan Schiappa, Chief Product Officer at Sophos, explained.
"Part of the Sophos XDR value proposition is that we don't try and gather every bit of data, but instead only the right data - the data that helps the AI engines come to conclusions. By having that API-enabled early access, we were able to fine-tune that," Schiappa shared.
Sophos XDR can be used by seasoned security operators, but it's also intuitive enough to be used by those who are just starting that journey or who are the IT administrator and designated security practitioner for a smaller company.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/FWh_AtQHuN0/