Launch Pad
Jul 21, 2021

Sophos new XDR and ACE

About the episode

Sophos has been around for over 30 years, making it one of the veterans of the cybersecurity market. It offers a broad spectrum of security products: endpoint, encryption, network security, email security, mobile security and unified threat management. Sophos customers range from SMBs and SMEs to large enterprises. ACE (Adaptive Cybersecurity Ecosystem) is the architecture Sophos introduced recently. It is meant to give organizations end-to-end security functionality while inviting others, even Sophos competitors, to integrate their products with the ACE ecosystem for the greater good and to deliver seamless functionality to customers. Dan reinforced this by saying, “Sophos is not looking at their competitors but at their adversaries”.

A distinctive capability of the ACE architecture is that security analysts can query the XDR data lake with an osquery-like SQL language to retrieve and filter data. Sophos goes a step further and ships pre-configured queries that help customers navigate their data quickly and focus on what matters most. Sophos also keeps its hand on the pulse of adversary tactics and newly exploited vulnerabilities by distributing queries that surface the attacks and IOCs currently used in adversarial campaigns.

Sophos has years of experience collecting and analyzing CTI data, which it exposes through its SophosLabs Intelix service. Building on that, any data that reaches the data lake can be coloured with CTI markers. Sophos also provides managed XDR services to its customers; the distinctive advantage there is ML models that learn in real time from how the operators respond to incidents and continuously evolve to automate response using AI.
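As an added example of the two ideas above (query-driven hunting over the data lake, and colouring lake data with CTI markers), here is a small self-contained model written for this page. It is not Sophos code and does not use the Sophos query language or schema. It loads constructed process and socket rows, shaped loosely after osquery's `processes` and `process_open_sockets` tables, into an in-memory SQLite database and runs two pre-canned hunts: one for script hosts and LOLBins spawned by Office or a script engine, and one that joins open sockets to a constructed CTI feed on the remote address. Table names, columns, rows, IOCs, confidence scores and campaign names are all assumptions.

```python
"""Hunting an XDR-style data lake with osquery-flavoured SQL and CTI enrichment.

Added example, not Sophos code. The table names, columns, sample rows and
the CTI feed are all constructed for illustration; real schemas differ.
"""
import sqlite3

# Constructed endpoint telemetry, shaped loosely after osquery's
# `processes` and `process_open_sockets` tables, from two hosts.
PROCESSES = [
    # (pid, host, name, cmdline, parent_name)
    (4120, "ws-01", "powershell.exe", "powershell.exe -enc SQBFAFgA", "winword.exe"),
    (4388, "ws-01", "chrome.exe", "chrome.exe", "explorer.exe"),
    (812, "ws-02", "svchost.exe", "svchost.exe -k netsvcs", "services.exe"),
    (2290, "ws-02", "rundll32.exe", "rundll32.exe payload.dll,Start", "wscript.exe"),
]
SOCKETS = [
    # (pid, host, remote_address, remote_port)
    (4120, "ws-01", "203.0.113.45", 443),
    (4388, "ws-01", "198.51.100.10", 443),
    (812, "ws-02", "198.51.100.20", 80),
    (2290, "ws-02", "203.0.113.45", 8443),
]
# Constructed CTI feed standing in for the markers a threat-intelligence
# service attaches to lake data: (indicator, kind, confidence, campaign).
CTI_IOCS = [
    ("203.0.113.45", "ipv4", 90, "hypothetical-campaign-A"),
    ("198.51.100.99", "ipv4", 60, "hypothetical-campaign-B"),
]

# Hunt 1: script hosts / LOLBins spawned by Office or a script engine.
HUNT_SUSPICIOUS_CHILDREN = """
SELECT host, pid, name, parent_name, cmdline
FROM processes
WHERE lower(parent_name) IN ('winword.exe', 'excel.exe', 'outlook.exe', 'wscript.exe')
  AND lower(name) IN ('powershell.exe', 'cmd.exe', 'rundll32.exe', 'mshta.exe')
ORDER BY host, pid
"""

# Hunt 2: colour live sockets with CTI by joining on the remote address.
HUNT_CTI_HITS = """
SELECT p.host, p.pid, p.name, s.remote_address, s.remote_port,
       c.confidence, c.campaign
FROM process_open_sockets AS s
JOIN processes AS p ON p.pid = s.pid AND p.host = s.host
JOIN cti_iocs AS c ON c.indicator = s.remote_address AND c.kind = 'ipv4'
WHERE c.confidence >= :min_confidence
ORDER BY c.confidence DESC, p.host, p.pid
"""


def build_lake() -> sqlite3.Connection:
    """Load the constructed rows into an in-memory SQLite 'data lake'."""
    con = sqlite3.connect(":memory:")
    con.executescript("""
        CREATE TABLE processes(pid INTEGER, host TEXT, name TEXT,
                               cmdline TEXT, parent_name TEXT);
        CREATE TABLE process_open_sockets(pid INTEGER, host TEXT,
                               remote_address TEXT, remote_port INTEGER);
        CREATE TABLE cti_iocs(indicator TEXT, kind TEXT,
                              confidence INTEGER, campaign TEXT);
    """)
    con.executemany("INSERT INTO processes VALUES (?, ?, ?, ?, ?)", PROCESSES)
    con.executemany("INSERT INTO process_open_sockets VALUES (?, ?, ?, ?)", SOCKETS)
    con.executemany("INSERT INTO cti_iocs VALUES (?, ?, ?, ?)", CTI_IOCS)
    return con


def hunt_suspicious_children(con: sqlite3.Connection) -> list:
    """Pre-canned hunt: (host, pid, name, parent_name, cmdline) rows."""
    return [tuple(r) for r in con.execute(HUNT_SUSPICIOUS_CHILDREN)]


def hunt_cti_hits(con: sqlite3.Connection, min_confidence: int = 70) -> list:
    """Sockets whose remote address matches a CTI indicator at or above
    min_confidence: (host, pid, name, remote_address, remote_port,
    confidence, campaign) rows."""
    return [tuple(r) for r in con.execute(HUNT_CTI_HITS, {"min_confidence": min_confidence})]


if __name__ == "__main__":
    lake = build_lake()
    for row in hunt_suspicious_children(lake):
        print("suspicious child:", row)
    for row in hunt_cti_hits(lake):
        print("CTI hit:", row)
```

The confidence threshold is the point of the second hunt: a low-confidence indicator should colour a row for the analyst to see, not page anyone, so the same join can be run at 50 for triage and at 90 for alerting. In the constructed data the two hits share one destination, which is exactly the pivot a hunter would take next (every host talking to that address, regardless of process).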

One interesting example is the SOAR capability that is part of the ACE ecosystem: the endpoint agent shares information with the firewall about malicious attempts, IOCs, or the current posture of the endpoint, and the firewall can seamlessly apply a policy that limits the endpoint's access or walls it off entirely, depending on the level of threat identified and communicated.

Modern attacks are very different from what they were a few years ago. In the past they were endpoint-centric and used more transparent methods of communication. Modern attacks span beyond the endpoint into the identity ecosystem and chain multiple vulnerabilities together; they can land and detonate malicious code through a variety of attack surfaces. Modern attackers heavily use standard encryption such as TLS to hide communication with their C2 infrastructure, knowing that many firewalls do not inspect encrypted traffic. The advantage of XDR and the data lake is that hunters can see across the whole ecosystem and identify where attackers are hiding and where they are trying to move. On top of this, Sophos Live Response lets the analyst jump onto the endpoint immediately and take action, significantly cutting response time.
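The following added example (written for this page; not Sophos code and not material from the episode) ties together the endpoint-to-firewall posture exchange described two paragraphs earlier with the encrypted-C2 point made here. It detects beaconing from firewall connection metadata alone, without looking at TLS content, attributes the beacon to a process through a constructed endpoint socket table (the cross-source view an XDR data lake gives a hunter), derives a posture level for the host and maps it to a firewall action. The log format, hosts, addresses, posture levels and the posture-to-action table are hypothetical.

```python
"""Spotting TLS-wrapped C2 beaconing from connection metadata alone, naming
the responsible process from endpoint telemetry, and turning the result into
a firewall action driven by endpoint posture.

Added example, not Sophos code. The log format, hosts, addresses, posture
levels and the posture-to-action table are constructed for illustration.
"""
import statistics
from collections import defaultdict

# Constructed firewall connection log in a hypothetical key=value format.
# 10.0.0.5 talks to one address on 443 every ~60 s with small payloads;
# 10.0.0.7 is ordinary bursty browsing to a CDN-like address.
FW_LOG = """\
ts=1000 src=10.0.0.5 dst=203.0.113.45 dport=443 proto=tcp bytes=1320
ts=1060 src=10.0.0.5 dst=203.0.113.45 dport=443 proto=tcp bytes=1288
ts=1121 src=10.0.0.5 dst=203.0.113.45 dport=443 proto=tcp bytes=1302
ts=1180 src=10.0.0.5 dst=203.0.113.45 dport=443 proto=tcp bytes=1295
ts=1240 src=10.0.0.5 dst=203.0.113.45 dport=443 proto=tcp bytes=1310
ts=1003 src=10.0.0.7 dst=198.51.100.10 dport=443 proto=tcp bytes=54000
ts=1410 src=10.0.0.7 dst=198.51.100.10 dport=443 proto=tcp bytes=8000
ts=1415 src=10.0.0.7 dst=198.51.100.10 dport=443 proto=tcp bytes=120000
ts=2900 src=10.0.0.7 dst=198.51.100.10 dport=443 proto=tcp bytes=3000
"""

# Constructed endpoint view of the same flows: which process on which host
# owned the socket, keyed by (src, dst, dport).
ENDPOINT_SOCKETS = {
    ("10.0.0.5", "203.0.113.45", 443): ("ws-01", "rundll32.exe", 2290),
    ("10.0.0.7", "198.51.100.10", 443): ("ws-02", "chrome.exe", 4388),
}

# Hypothetical posture levels an endpoint agent might report to the firewall
# and the action each maps to. Names and mapping are this example's own.
POLICY = {"green": "allow", "yellow": "restrict", "red": "isolate"}
LOLBINS = {"rundll32.exe", "powershell.exe", "mshta.exe", "regsvr32.exe", "wscript.exe"}


def parse_fw_log(text: str) -> list:
    """Parse key=value lines into dicts with typed ts/dport/bytes fields."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        kv = dict(field.split("=", 1) for field in line.split())
        events.append({"ts": int(kv["ts"]), "src": kv["src"], "dst": kv["dst"],
                       "dport": int(kv["dport"]), "bytes": int(kv["bytes"])})
    return events


def find_beacons(events: list, min_hits: int = 4, max_jitter: float = 0.2) -> list:
    """Flag (src, dst, dport) tuples whose connection gaps are nearly constant.
    Jitter is the coefficient of variation (stdev / mean) of the inter-arrival
    gaps; the encrypted payload is never inspected."""
    times = defaultdict(list)
    for e in events:
        times[(e["src"], e["dst"], e["dport"])].append(e["ts"])
    beacons = []
    for (src, dst, dport), ts in times.items():
        if len(ts) < min_hits:
            continue
        ts.sort()
        gaps = [b - a for a, b in zip(ts, ts[1:])]
        mean = statistics.mean(gaps)
        jitter = statistics.pstdev(gaps) / mean if mean else 1.0
        if jitter <= max_jitter:
            beacons.append({"src": src, "dst": dst, "dport": dport, "hits": len(ts),
                            "interval": round(mean), "jitter": round(jitter, 3)})
    return beacons


def attribute(beacons: list, endpoint_sockets: dict) -> list:
    """Join each beacon to the endpoint's socket owner (the cross-source step)."""
    findings = []
    for b in beacons:
        host, proc, pid = endpoint_sockets.get((b["src"], b["dst"], b["dport"]),
                                               ("unknown", "unknown", None))
        findings.append({**b, "host": host, "process": proc, "pid": pid})
    return findings


def posture_for(finding: dict) -> str:
    """Posture the endpoint reports: a LOLBin beaconing out is red; any other
    beaconing process is yellow pending analyst review."""
    return "red" if finding["process"] in LOLBINS else "yellow"


def firewall_actions(findings: list) -> dict:
    """Map each affected host to the firewall action its posture implies."""
    actions = {}
    for f in findings:
        posture = posture_for(f)
        actions[f["host"]] = {
            "posture": posture,
            "action": POLICY[posture],
            "reason": f"{f['process']} (pid {f['pid']}) to {f['dst']}:{f['dport']} "
                      f"every ~{f['interval']}s, jitter {f['jitter']}",
        }
    return actions


def run_pipeline(log_text: str = FW_LOG, endpoint_sockets: dict = ENDPOINT_SOCKETS) -> dict:
    """Firewall log -> beacons -> attributed findings -> per-host firewall action."""
    return firewall_actions(attribute(find_beacons(parse_fw_log(log_text)), endpoint_sockets))
```

Two caveats a practitioner would add before running something like this for real. Mature C2 frameworks add random sleep jitter, so the `max_jitter` threshold has to be tuned against the environment rather than fixed at 0.2, and longer observation windows help. Legitimate software also beacons (update checks, telemetry, chat clients), which is why the endpoint attribution step matters: the same 60-second cadence from a browser to a known vendor is a very different finding from `rundll32.exe` talking to an unknown address, and only the process context lets the policy distinguish them.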

In summary, Sophos' new ACE architecture is a holistic solution that provides many capabilities to build on and makes Sophos XDR a very compelling offer. Sophos recently acquired Capsule8 to advance its offering for Linux-based systems.


About our guest

Daniel Schiappa
EVP & Chief Product Officer
SOPHOS
Dan Schiappa is chief product officer at next-generation cybersecurity leader Sophos. He’s a transformational and strategic leader who orchestrates the company’s technical strategy, playing an instrumental role in architecting technologies; overseeing product management and research and development; and ensuring product quality. With a passion for education and inspiring the next generation of cyber talent, Dan also serves as chair of the University of Central Florida’s Dean's Advisory Board, where he oversees various aspects of the school’s elite cybersecurity program.