Sophos’ Industry-First Vendor-Agnostic Managed Detection and Response (MDR) Service Grows Customer Base by 33% in First Six Months Since Launching New Capabilities

Sophos, a global leader in innovating and delivering cybersecurity as a service, today announced that its industry-first vendor-agnostic Managed Detection and Response (MDR) service has grown its customer base by 33% in the first six months since introducing the service’s ability to ingest and analyze telemetry from third-party security vendors. Already, Sophos is processing more than 150 million alerts from nearly 30 other security providers. Sophos has also added a new team of MDR experts in Germany to service the increasing demand in the German and European markets, as well as to support the existing globally located MDR team that monitors and defends organizations 24/7/365. The service now protects more than 16,000 organizations worldwide and has been doubling in size year-over-year as the industry’s most widely used MDR offering.

MDR services are fast becoming an essential cybersecurity layer as attackers refine their tactics, techniques and procedures (TTPs) to overwhelm defenders. This includes decreasing their dwell time, as evidenced in Sophos’ 2023 Active Adversary Report for Business Leaders report, also announced today. Reduced dwell time indicates attackers are working faster to accomplish their end goal, whether it’s stealing data, deploying ransomware, spying, or perpetrating some other nefarious activity against a target. Consequently, defenders have less time to respond, from identifying the presence of attackers to neutralizing them. Analysis of incident response cases shows that median dwell times are dropping significantly – down to 10 days for the first time, and a day less for ransomware cases – and attacks are occurring continuously instead of during off business hours or over the weekend. Just as interesting, there’s no significant difference in dwell time among organizations of different sizes or sectors.

“The adoption of MDR is skyrocketing because organizations need 24x7 teams of experts to simply take over and handle cyberattacks that are executed in less time, change quickly and are more complex in nature. These factors put Sophos in the ideal position to further trailblaze the market,” said Rob Harrison, vice president of product management for security operations solutions at Sophos. “Since introducing our game-changing ability to ingest, collate and correlate other security vendors’ signals, we’ve already processed more than 150 million non-Sophos alerts from nearly 30 common providers. We’re leading the market in terms of volume, variety and time with unique MDR data from both Sophos and the other security providers. With this advantage of ingesting data from third-party sources, we have broader context, enabling us to make better decisions, defend faster and apply deeper knowledge to new and existing MDR customers.”

"The MDR market is gaining momentum as companies scramble to stay one step ahead of rapidly evolving attacks that continue to increase in number, sophistication and complexity while simultaneously trying to manage the cybersecurity talent skills shortage reality. Since its launch in October, Sophos MDR has mirrored that momentum as organizations look to realize secure outcomes and reduce their cybersecurity risk posture from their existing cybersecurity investments. The benefit of Sophos's technology-agnostic managed service approach is that it meets customers where they are rather than requiring investment in new security tools to achieve an outcome," said Frank Dickson, group vice president for IDC's Security and Trust research practice.

Sophos MDR successfully reported malicious activity across all 10 MITRE ATT&CK steps in the first-ever independent MITRE Engenuity ATT&CK Evaluation for security service providers. Sophos MDR was evaluated with 15 vendors, excelling in its ability to detect sophisticated threats with speed and precision. Sophos was named the only Leader across the G2 Grid Reports for MDR, Extended Detection and Response (XDR) Platforms, Endpoint Detection and Response (EDR), Endpoint Protection Suites, and Firewall Software in the G2 Spring 2023 Reports. In the Managed Detection and Response (MDR) Services market on Gartner® Peer Insights®, Sophos MDR is the highest rated and most reviewed MDR service with a 4.8 rating across 296 reviews as of April 24, 2023.