SophosLabs Intelix
Supports informed decisions by providing detailed, explainable, and proven threat intelligence.
High-Fidelity Threat Intelligence
SophosLabs Intelix provides threat classification and deep analysis for known clean and malicious objects, including files, web pages, and IP addresses. Receive detailed analysis and just-in-time verdicts for suspicious threat objects.
Intelix is integrated into all Sophos products, providing zero-day protection and threat classification. Customers can incorporate Intelix into products, services, and infrastructure via APIs from the AWS Marketplace or OEM partnerships.
Delivered from SophosLabs' cloud, it provides security without impacting performance. Intelix is the only place where all Sophos detection technologies are applied simultaneously.


Use Cases
Incremental Protection
Sophos products, such as Sophos Firewall and Sophos Email, and other Sophos products can submit suspicious files to Intelix for deep analysis to accurately detect zero-day threats.
When detonating a file, Intelix sees the entire attack chain, allowing informed security decisions based on the exhibited behaviors, not just the initial file.
Leveraging the scalability and power of the cloud, Intelix can perform more detailed analysis than what's possible on an endpoint or firewall. Intelix includes decades of threat research and machine learning to provide the best conviction of malicious content.
Detailed Analysis
Threat hunters and security analysts rely on protection and detection technology to review and investigate suspicious behavior. Detailed and relevant intelligence is vital to support informed decisions throughout every investigation.
Sophos Intercept X with XDR integrates with Intelix to provide timely and relevant information, reducing the time required for analysts to make informed decisions.
Build Your Own Integration
Intelix can easily integrate into any application or environment and add valuable threat intelligence through API requests. It is available via AWS Marketplace for developers to integrate with existing infrastructure or, via OEM partnerships to build and sell in your product.

See the Power of Intelix Today
RESTful Threat Analysis and Intelligence
Augment Your Cybersecurity with our API Driven Platform
Powered by machine learning, decades of threat research, and petabytes of intelligence, SophosLabs Intelix™ gives your app superpowers to identify, classify, and prevent threats. Designed for easy integration into any application, augmenting your cybersecurity is only an HTTP request away.
Tap Into The Intelligence That Powers Sophos
SophosLabs Intelix™ is developed by the critically acclaimed, global Tier-1 threat research lab, SophosLabs, and used in all of Sophos’ industry leading cybersecurity solutions. Command the power of 30-plus years of SophosLabs experience in threat research and analysis through a suite of simple and rapid-response, RESTful APIs.
Powered by Data Science
Take advantage of industry-leading data science research into predictive analysis and detection through deep learning artificial neural networks and advanced learning and modelling techniques.
More Than Just Answers
Rich intelligence reports provide you with more than just the Good, the Bad, and the Unknown but actionable insight into the nature and capabilities of a threat so you can answer the hardest questions.
Data Quality and Breadth
Curated, aggregated, and consolidated threat intelligence sourced from disparate and complementary data sources with global visibility including intelligence derived from Sophos-protected networks and endpoints.
Data Sources
- Sophos Telemetry
(Network, Endpoint, Mobile) - Honeypots
- File Submissions
- Industry Intel Sharing
- Spam Traps
- Subscriptions
- Web Crawlers
- Open Source
Global Reputation
Static Analyzers
Dynamic Analysis (Sandbox)
Machine Learning
Deep Learning
Threat Research
Reverse Engineering
API Services
- Cloud Threat Lookups
- Static File Analysis
- Dynamic File Analysis
Three Easy to Use APIs
Cloud Threat Lookups
Take advantage of industry-leading data science research into predictive analysis and detection through deep learning artificial neural networks and advanced learning and modelling techniques.
Static File Analysis
Harness the power of multiple machine learning models, global reputation, deep file scanning, and more without needing to execute the file in real time.
Dynamic File Analysis
Detonate malware in real-time in a sandbox utilizing the latest analysis techniques for unmatched visibility into malicious files among the unknown and reveal the true nature and capabilities of a potential threat.
Never Trade Security for Performance
Triage with rapid lookups, deep dive with granular file analysis
With our progressive suite of intelligence APIs, quickly identify known threats via Cloud Threat Lookups before moving on to file uploads for detailed analysis with both Static File Analysis or Dynamic File Analysis.