Cloud Optix Tech Specs

Cloud Optix delivers the continuous analysis and visibility organizations need to detect, respond to, and prevent the security and compliance gaps that leave them exposed. It provides a single view of security posture across AWS, Azure, Google Cloud, Kubernetes, and Infrastructure-as-Code environments.

Extending Cloud Workload Protection with CSPM

Sophos Intercept X Advanced for Server protects server instances running in the cloud from the latest threats. By including Cloud Optix Standard, organizations extend that protection with visibility into those instances, containers, serverless functions, and more, while identifying vulnerabilities to optimize security posture.

 

  Cloud Optix Standard Cloud Optix Advanced
Cloud Environments    
Amazon Web Services, Microsoft Azure, Google Cloud Platform, Kubernetes, IaC, Docker Hub
Standard: One Environment Per Provider (AWS, Azure, GCP, Kubernetes, IaC, Docker Hub)
Advanced: Unlimited

 

  Cloud Optix Standard Cloud Optix Advanced
Security Best Practice Scanning    
Configurable Security Scans
Standard: On-demand
Advanced: Configurable and On-demand
Security Best Practice Policy Assessments
(Custom, CIS Benchmarks, ISO 27001, Sophos Best Practices, EBU R 143, FedRAMP)
CIS Benchmarks

 

Automatic Remediation
(Guardrails)

 

 

Anomaly Detection – Network Traffic

 

 

Anomaly Detection – User Login Behavior

 

 

Anomaly Detection – Timeline of high-risk user role behavior

 

 

High-risk Events Detection
(AI-based security overlay for Activity Logs)

 

 

Credential Compromise Detection

 

 

Intercept X Advanced for Server Integration: Agent discovery

 

 

Intercept X Advanced for Server Integration: Automatic agent removal from Sophos Central Admin

 

 

 

  Cloud Optix Standard Cloud Optix Advanced
Compliance Best Practice Scanning    
Configurable Compliance Scans  

 

Compliance Best Practice Policy Assessment
(Custom, FFIEC, GDPR, HIPAA, PCI DSS, SOC2)
 

 

Alert Suppression
(Hide alerts via a simple checkbox)

 

 

Compliance Exception Handling
(Suppressed alerts apply to future scans)

 

 

Integration with Communication and Workflow Systems
(e.g. JIRA, ServiceNow, and Splunk)

 

 

 

  Cloud Optix Standard Cloud Optix Advanced
Monitoring    
Inventory – Hosts, Containers, Network, Storage

 

 

Inventory – IAM Users, Activity Logs, Serverless Functions

 

 

Container Image Scanning
(Amazon Elastic Container Registries (ECR), Microsoft Azure Container Registries (ACR), Docker Hub registries, GitHub and Bitbucket IaC environments, and via API)

 

 

Network Topology Visualization with AI-based Database Identification

 

 

Over-privileged User Detection

 

 

IAM Visualization
(Relationships between IAM Roles, IAM users, and services)

 

 

Spend Monitoring, Alerts, and Optimization Recommendations

 

 

 

  Cloud Optix Standard Cloud Optix Advanced
DevSecOps
Infrastructure-as-Code (IaC) Template Scan for Insecure Configuration

 

 

Infrastructure-as-Code (IaC) Template Scan for Embedded Secrets and Keys

 

 

Source Code Management Integration for CI/CD
(e.g. GitHub, Bitbucket)

 

 

Cloud Optix IaC REST API
(Scan IaC templates regardless of which code repository is used)

 

 

Container Image Scanning
(Amazon Elastic Container Registries (ECR), Microsoft Azure Container Registries (ACR), Docker Hub registries, GitHub and Bitbucket IaC environments, and via API)

 

 

 

  Cloud Optix Standard Cloud Optix Advanced
Integrations    
Sophos XDR integration - extend data sources with AWS, Google Cloud Platform and Microsoft Azure cloud environment data sources.
(Requires Cloud Optix Advanced and Intercept X Advanced for Server)

 

 

Cloud Providers
(New Amazon Inspector, AWS Security Hub, Amazon GuardDuty, AWS CloudTrail, Amazon Macie, AWS Systems Manager and Patch Manager, AWS Firewall Manager, AWS IAM Access Analyzer, AWS Trusted Advisor, Amazon Detective, Azure Sentinel and Azure Advisor)

 

 

Splunk SIEM
(Receive instant notifications of security events)

 

 

Azure Sentinel
(Receive instant notifications of security events)

 

 

PagerDuty
(Receive instant notifications of security events)

 

 

Slack
(Raise instant alerts to a chosen Slack channel)

 

 

Microsoft Teams
(Raise instant alerts to a chosen team)

 

 

Amazon SNS
(Raise instant alerts to a chosen SNS topic)

 

 

JIRA
(Create tickets from inside the Cloud Optix console for alerts)

 

 

ServiceNow
(Create tickets from inside the Cloud Optix console for alerts)

 

 

GitHub
(Scan Infrastructure-as-Code templates in GitHub repositories)

 

 

Bitbucket
(Scan Infrastructure-as-Code templates in Bitbucket repositories)

 

 

Jenkins
(Raise IaC scan results via API directly in the Jenkins build pipeline)

 

 
