LAS VEGAS — August 8, 2023 —

Sophos, a global leader in innovating and delivering cybersecurity as a service, today announced that Sophos X-Ops will lead three presentations at Black Hat and DEF CON, taking place this week in Las Vegas. Speaker presentations from Sophos Managed Detection and Response (MDR) security operations experts, threat researchers, data scientists, and more will share unique insights into threat intelligence and unveil research findings – including new ways in which adversaries are leveraging AI to carry out attacks. Speakers will also address how organizations can sharpen their defenses to stay protected.

Sophos X-Ops, the cross-operational task force that includes SophosLabs, Sophos SecOps and SophosAI, today also unveiled new threat intelligence, “Clustering Attacker Behavior Reveals Hidden Patterns,” identifying distinct connections between three of the most prominent ransomware groups this past year: Royal, Hive and Black Basta. Sophos X-Ops forensics of four different ransomware attack investigations show distinct similarities, suggesting the three groups are sharing either affiliates or highly specific technical details of their activities. Sophos is tracking and monitoring the attacks as a threat activity cluster that defenders can use to speed up detection and response times.

The line-up of speakers includes:

Sophos at Black Hat: Booth #2132 – Ongoing Through Black Hat

Wednesday, Aug. 9 at 1:50 p.m. PDT

View from the SOC: Avoiding Death by a Thousand Data Sources

Mat Gangwer, Sophos vice president of Managed Detection and Response

Dave Mareels, Sophos senior director of product management

Mandalay Bay, K


Sophos at DEF CON 

Friday, Aug. 11 at 12 p.m. PDT

You're Not George Clooney, and This Isn't Ocean's Eleven 

Andrew Brandt, Sophos principal researcher

Harrah’s, War Stories - For The Record


Saturday, Aug. 12 at 1:30 p.m. PDT

The Sinister Synergy of Advanced AI: Automatically Orchestrating Large-scale Scam Campaigns with Large Generative Models  

Ben Gelman, Sophos senior data scientist

Younghoo Lee, Sophos principal data scientist

Caesars Forum, AI Village

Media can contact for additional information about the sessions and the new threat activity cluster intelligence, and to arrange interviews with any of the researchers.

About Sophos

Sophos is a global leader and innovator of advanced security solutions that defeat cyberattacks, including Managed Detection and Response (MDR) and incident response services and a broad portfolio of endpoint, network, email, and cloud security technologies. As one of the largest pure-play cybersecurity providers, Sophos defends more than 600,000 organizations and more than 100 million users worldwide from active adversaries, ransomware, phishing, malware, and more. Sophos’ services and products connect through the Sophos Central management console and are powered by Sophos X-Ops, the company’s cross-domain threat intelligence unit. Sophos X-Ops intelligence optimizes the entire Sophos Adaptive Cybersecurity Ecosystem, which includes a centralized data lake that leverages a rich set of open APIs available to customers, partners, developers, and other cybersecurity and information technology vendors. Sophos provides cybersecurity-as-a-service to organizations needing fully managed security solutions. Customers can also manage their cybersecurity directly with Sophos’ security operations platform or use a hybrid approach by supplementing their in-house teams with Sophos’ services, including threat hunting and remediation. Sophos sells through reseller partners and managed service providers (MSPs) worldwide. Sophos is headquartered in Oxford, U.K. More information is available at