Native support for Sophos Endpoint in Taegis elevates security outcomes by delivering a unified, best-in-class prevention, detection and response platform
Sophos, a global leader of innovative security solutions for defeating cyberattacks, today announced that Sophos Endpoint is now natively integrated and automatically included in all Taegis™ Extended Detection and Response (XDR) and Taegis Managed Detection and Response (MDR) subscriptions. This milestone gives customers immediate access to combined prevention, detection, and response capabilities in a single platform – while lowering costs and simplifying operations. The integration follows Sophos’ acquisition of Secureworks in February 2025 and represents a major milestone in combining the companies’ strengths to help customers defeat cyberattacks with a higher ROI.
Endpoint protection remains one of the most critical layers of defense against today’s cyberthreats, delivering both frontline prevention and vital telemetry for detection and response. With Sophos Endpoint included in all new and existing Taegis XDR and MDR subscriptions, customers can benefit from unmatched ransomware defenses and adversary mitigation capabilities that automatically deploy in the event of an attack. The integration enables organizations to strengthen protection while lowering licensing costs, reduce management overhead through native integration, and accelerate threat mitigation with expanded response actions.
Taegis remains a fully open platform, ensuring customers continue to receive full value from their existing cybersecurity investments and maintain the freedom to use the endpoint protection solution of their choice. This ensures that customers maximize ROI while allowing room in their budget for other cybersecurity priorities.
“Integrating Sophos Endpoint with Taegis delivers a best-in-class unified protection, detection, investigation, and response platform – while also reducing customer costs,” said Raja Patel, Chief Product Officer at Sophos. “Too many organizations still treat endpoint protection like a commodity, and that’s exactly the mistake attackers are counting on. The reality is, not all endpoint products are built to stop today’s hands-on-keyboard attacks. Sophos Endpoint’s prevention-first capabilities, like CryptoGuard anti-ransomware protection and Adaptive Attack Protection, shut down attacks before they can escalate, which is a true game changer for enterprises managing thousands of devices. And by simplifying deployment and policy management, we’re helping organizations stay ahead of threats, lower their total cost of ownership, and maximize the return on their security investments.”
Key benefits for Taegis customers include:
- Lower costs and improved ROI: Sophos Endpoint is now automatically included with all Taegis XDR and Taegis MDR subscriptions, eliminating the need to purchase a separate endpoint security solution.
- Vendor choice preserved: Taegis remains an open platform, allowing organizations to continue using their preferred endpoint solution.
- Industry-leading protection: A 16-time leader in the Gartner® Magic Quadrant™ for Endpoint Protection Platforms, Sophos Endpoint provides unmatched defense against ransomware and other advanced threats, with features such as CryptoGuard and Adaptive Attack Protection, accessible directly from the Taegis console.
- Workflow continuity: Telemetry and detections from Sophos Endpoint are ingested into the Taegis platform, allowing customers to retain existing detection and response workflows.
- Simplified management: Customers can download, install and manage Sophos Endpoint directly from Taegis.
To support a range of environments, customers can now choose between three deployment options for endpoint protection:
- Sophos Endpoint: Natively integrated for comprehensive prevention, detection, and response in a single agent.
- Non-Sophos native integrations: Telemetry ingestion ensures full visibility from products such as CrowdStrike, Microsoft Defender, SentinelOne and Carbon Black by Broadcom.
- Other non-Sophos endpoint security solutions: Supported through a detection only sensor deployment option.
“This integration expands the value and flexibility we deliver to customers and partners,” said Chris Bell, Senior Vice President of Global Channel, Alliances and Corporate Development at Sophos. “By including Sophos Endpoint in Taegis, organizations gain stronger protection, reduced costs and simplified operations. For partners, it creates new opportunities to help customers consolidate tools, drive renewals and expand enterprise relationships.”
Sophos Endpoint is trusted by more than 300,000 organizations worldwide and consistently recognized for leadership in prevention and protection:
- Sophos is the only vendor named a Leader across the G2 Overall Grid® Reports for Endpoint Protection Suites, Endpoint Detection and Response (EDR), Extended Detection and Response (XDR), Firewall Software, and Managed Detection and Response (MDR).
Sophos Endpoint is available immediately for all existing and new Taegis XDR and MDR customers. Read the Sophos blog post to learn more about the Sophos Endpoint integration with Taegis.