Excels in Ability to Detect Sophisticated Threats with Speed and Precision

OXFORD, U.K. — Novembre 9, 2022 —

 Sophos, a global leader in innovating and delivering cybersecurity as a service, today announced that Sophos Managed Detection and Response (MDR) successfully reported malicious activity across all 10 MITRE ATT&CK® steps in the first-ever independent MITRE Engenuity ATT&CK® Evaluation for security service providers. Sophos MDR was evaluated with 15 vendors, excelling in its ability to detect sophisticated threats with speed and precision.

“The complexity and sophistication of today’s cyberthreats make it increasingly difficult for most organizations to manage it effectively on their own, and the need for managed security service partners that can not only proactively and in real-time detect threats but also respond to them on their behalf is critical,” said Mat Gangwer, vice president of operations for Sophos MDR. “MITRE Engenuity is fulfilling a vital industry need for threat-informed evaluation methodologies and publicly available results that enable organizations’ security leaders to assess managed services providers with transparency to ensure trust and alignment. Vendor participation is essential, as the only way we can improve industry defenses is in doing so collectively."

The MITRE Engenuity ATT&CK Evaluation for security service providers evaluated Sophos MDR and other vendors’ abilities to detect and analyze attack tactics and techniques simulating those used by OilRig, an Iranian government-affiliated threat actor – also known as APT34 and Helix Kitten. OilRig relies on social engineering, stolen credentials and supply chain attacks to target organizations across critical infrastructure, government, financial services, and other industries, and was chosen as the evaluation threat actor based on its evasion and persistence techniques, complexity and relevancy to industry. Unlike MITRE Engenuity’s ATT&CK Evaluations for Enterprise, which follow an open book methodology where participating vendors know in advance the adversary being emulated, the managed services evaluation did not disclose the adversary group or the technique scope.

More than 12,600 organizations rely on Sophos MDR for 24/7 threat hunting, detection and response delivered by an expert team as a fully-managed service. The recently expanded service now provides compatibility with third-party security technologies, integrating telemetry from endpoint, firewall, cloud, identity, email, and other vendor’s security solutions as part of the Sophos Adaptive Cybersecurity Ecosystem.

Informazioni su Sophos

Sophos è leader mondiale nella cybersecurity next-gen e protegge più di 500.000 organizzazioni e milioni di consumatori in oltre 150 paesi, difendendone i sistemi contro le minacce informatiche più avanzate. Sophos sfrutta i dati di intelligence sulle minacce, l’intelligenza artificiale e il machine learning dei SophosLabs e di SophosAI per offrire una vasta gamma di prodotti e servizi avanzati, in grado di proteggere utenti, reti ed endpoint contro ransomware, malware, exploit, phishing e un’enorme varietà di attacchi informatici. Sophos offre una singola console di gestione integrata e basata sul cloud, Sophos Central: l’elemento fondamentale di un ecosistema di sicurezza adattiva che include un Data Lake centralizzato. Il Data Lake a sua volta si avvale di una gamma completa di API aperte che sono disponibili per clienti, partner, sviluppatori e altri vendor di sicurezza. Sophos vende i propri prodotti e servizi attraverso Partner Rivenditori e Managed Service Provider (MSP) in tutto il mondo. La sede centrale di Sophos è situata a Oxford, nel Regno Unito. Ulteriori informazioni sono disponibile alla pagina www.sophos.it.