Sophos MDR Service Tiers

Sophos MDR features two service tiers (Standard and Advanced) to provide a comprehensive set of capabilities for organizations of all sizes and maturity levels.

Regardless of the service tier selected, organizations can take advantage of any of our three Response Modes (Notify, Collaborate, or Authorize) to fit their unique needs.

Request a QuoteContact Us

Sophos MDR: Standard

Image
24/7 support

24/7 Lead-Driven Threat Hunting

Confirmed malicious artifacts or activity (strong signals) are automatically blocked or terminated, freeing up threat hunters to conduct lead-driven threat hunts. This type of threat hunt involves the aggregation and investigation of causal and adjacent events (weak signals) to discover new Indicators of Attack (IoA) and Indicators of Compromise (IoC) that previously could not be detected.

Image
Unknown threats

Adversarial Detections

Most successful attacks rely on the execution of a process that can appear legitimate to monitoring tools. Using proprietary investigation techniques, our team determines the difference between legitimate behavior and the tactics, techniques, and procedures (TTPs) used by attackers.

Image
Privacy Protection

Security Health Check

Keep your Sophos Central products, beginning with Intercept X Advanced with XDR, operating at peak performance with proactive examinations of your operating conditions and recommended configuration improvements.

Image
logo

Activity Reporting

Summaries of case activities enable prioritization and communication, so your team knows what threats were detected and what response actions were taken within each reporting period.

Sophos MDR: Advanced

Includes all Standard features, plus the following:

Image
Shield

24/7 Leadless Threat Hunting

Applying data science, threat intelligence, and the intuition of veteran threat hunters, we combine your company profile, high-value assets, and high-risk users to anticipate attacker behavior and identify new Indicators of Attack (IoA).

Image
Email

Dedicated Threat Response Lead

When an incident is confirmed, a dedicated threat response lead is provided to directly collaborate with your on-premises resources (internal team or external partner) until the active threat is neutralized.

Image
Training and Accreditation

Direct Call-In Support

Your team has direct call-in access to our security operations center (SOC). Our MDR Operations Team is available around-the-clock and backed by support teams spanning 26 locations worldwide.

Image
synchronized-security-icon

Enhanced Telemetry

Threat investigations are supplemented with telemetry from other Sophos Central products, extending beyond the endpoint to provide a full picture of adversary activities.

Image
Authentictor

Proactive Posture Improvement

Proactively improve your security posture and harden your defenses with prescriptive guidance for addressing configuration and architecture weaknesses that diminish your overall security capabilities.

Image
Unknown threats

Asset Discovery

For both managed and unmanaged assets, we provide valuable insights during impact assessments, threat hunts, and as part of proactive posture improvement recommendations.

  Intercept X
Advanced
Intercept X
Advanced with XDR
Intercept X Advanced
with XDR and MDR
Automated malware removal

 

 

All the features found in Intercept X Advanced with XDR, plus a 24/7, proactive threat-hunting team that finds, contains, and neutralizes the most sophisticated attacks on your behalf.
Cryptoguard ransomware file protection

 

 

Real-time antivirus, anti-malware protection

 

 

Cloud-based management console

 

 

Sophos Central integration

 

 

Synchronized Security Heartbeat

 

 

Application control

 

 

Web control and URL blocking

 

 

Deep-learning malware detection

 

 

Root-cause analysis

 

 

Exploit prevention

 

 

Active adversary detection and prevention

 

 

Endpoint detection and response  

 

Extended detection and response  

 

Guided investigations  

 

Deep-learning malware analysis  

 

Endpoint Isolation  

 

Live Discover SQL queries  

 

Live Response command line interface  

 

 

Get Started Today

Request a QuoteContact Us