Sophos Acquires SOC.OS to Advance Managed Threat Response and Extended Detection and Response Capabilities

Sophos, a global leader in next-generation cybersecurity, today announced that it has acquired SOC.OS, an innovator of a cloud-based security alert investigation and triage automation solution. The solution consolidates and prioritizes high volumes of security alerts from multiple products and platforms across an organization’s estate, allowing security operations teams to quickly understand and respond to the most urgent cases flagged. SOC.OS launched in 2020 and is a spinout of BAE Systems Digital Intelligence. The company is privately held and based in Milton Keynes, U.K.

With SOC.OS, Sophos plans to advance its Managed Threat Response (MTR) and Extended Detection and Response (XDR) solutions for organizations of all sizes. SOC.OS will also help Sophos expand its Adaptive Cybersecurity Ecosystem, which underpins all of Sophos’ security solutions. This will include providing alerts and events from third-party endpoint, server, firewall, Identity and Access Management (IAM), cloud workload, email, and mobile security products.

According to the Gartner® Market Guide for Extended Detection and Response, Nov. 8, 2021, “To make XDR a long-term investment, (organizations need to) evaluate breadth and depth of ecosystem integration. The easier the XDR can integrate into your existing environment, the better an investment it will be.”

“Sophos MTR is one of the fastest-growing new offerings in the company’s history. We now stand as one of the largest Managed Detection and Response (MDR) operations in the world, delivering superior security outcomes through an MTR service with more than 8,000 customers. The top enhancement request from these customers is ‘better integrations with existing security environments,’ and with the innovative technology from SOC.OS, we will be able to do just that – seamlessly integrate Sophos’ MTR and XDR solutions within their current set of security and IT solutions,” said Joe Levy, chief technology and product officer, Sophos. “SOC.OS will also provide our Adaptive Cybersecurity Ecosystem with a broader set of third-party telemetry, so security analysts have better visibility into important events and alerts. SOC.OS has an impressive list of integrations that will benefit Sophos customers as we continue to expand and develop industry-leading XDR and MDR capabilities. We’re very excited to bring the team and technology from SOC.OS onboard.”

With cyberattacks, such as ransomware, becoming increasingly prevalent and complex, security operations teams are under constant pressure to monitor every aspect of their organization. Between 24/7 threat activity, high volumes of security alerts and false positives, and understaffing, organizations need XDR or MTR, plus a solution from SOC.OS that automatically clusters and triages alerts.

“Alert fatigue and lack of visibility still plague security teams worldwide. Considering this, against the backdrop of constantly changing cyberthreats and a challenging talent landscape, defenders need new and innovative products and services that can help them solve more complex incidents in less time,” said Dave Mareels, chief executive officer and co-founder, SOC.OS. “For many defenders, however, the complexity and cost of traditional security solutions act as barriers to adoption.By joining forces with Sophos, we can address these challenges together, head on. The sum is greater than our parts, and by combining our capabilities, we’re positioned to offer truly unique, cost effective and highly accessible products and services to those who need it most, on a global scale.”