May 18, 2024

Exploited unpatched vulnerabilities are the main root explanation for profitable assaults, as reported in Sophos’ 2024 Ransomware Report.

The trendy assault floor has expanded past conventional on-premises IT boundaries, with organizations working often unknown numbers of exterior and internet-facing belongings which might be unpatched or below protected, leaving them susceptible to cyberattackers.

Given this urgent want, we’re excited to introduce Sophos Managed Risk, powered by Tenable. This new service permits organizations to seek out and get rid of blind spots and keep forward of potential assaults by clearly understanding and prioritizing the very best danger exposures, with skilled steerage from Sophos’ devoted staff.

Sophos Managed Threat delivers:

  • Assault floor visibility
    The trendy assault floor continues to develop past the borders of conventional IT, and most organizations now have internet-facing belongings they don’t understand they personal, offering simple targets for risk actors. Sophos Managed Threat discovers the group’s internet-facing belongings and analyzes their exterior assault floor.
  • Steady monitoring
    In-house IT and safety groups could lack the deep information and expertise of the exploitation panorama wanted to completely perceive the safety posture of their group’s assault floor. Sophos Managed Threat offers skilled steerage and helps set remediation priorities.
  • Threat-based vulnerability prioritization
    New vulnerabilities are found quicker than most organizations can repair them. Understanding which of them are related and through which order to patch them is a major problem. Sophos Managed Threat identifies and prioritizes exposures utilizing in depth vulnerability protection and risk-based prioritization expertise from Tenable.
  • Proactive notification of high-risk exposures
    Attackers search for weaknesses within the setting lengthy earlier than organizations know they’re there. Figuring out high-risk exposures shortly is essential. Sophos Managed Threat offers proactive notification when new vital vulnerabilities are found that have an effect on the group’s belongings.

“One of many largest challenges organizations face when bettering their safety posture is prioritizing what to deal with first. One of these steerage helps remedy that difficulty and reduces the workload for safety groups tasked with tackling vulnerability and publicity administration,” stated Craig Robinson, analysis vp of Safety Companies, IDC. “Options reminiscent of Sophos Managed Threat is usually a differentiator by enabling overwhelmed groups to take a extra holistic method to steady monitoring and risk administration.”

The Sophos-Tenable Alliance

Sophos Managed Threat combines industry-leading expertise from Tenable with risk experience from Sophos, delivered as a proactive assault floor administration service. This distinctive partnership brings collectively two extremely revered cybersecurity market leaders to ship superior safety outcomes for patrons and companions.

“Sophos and Tenable are two {industry} safety leaders coming collectively to handle pressing, pervasive safety challenges that organizations constantly battle to manage. We will now assist organizations determine and prioritize the remediation of vulnerabilities in exterior belongings, gadgets and software program which might be usually ignored. It’s vital that organizations handle these publicity dangers, as a result of unattended, they solely result in extra expensive and time-consuming points and are sometimes the foundation causes of great breaches,” stated Rob Harrison, senior vp for endpoint and safety operations product administration at Sophos. “We all know from Sophos’ worldwide survey knowledge that 32% of ransomware assaults begin with an unpatched vulnerability and that these assaults are the costliest to remediate. The perfect safety layers to forestall these points embrace an lively method to bettering safety postures by minimizing the possibilities of a breach with Sophos Managed Threat, Sophos Endpoint, and 24×7 Sophos MDR protection.”

“Whereas the newest zero day could dominate the headlines, the largest risk to organizations, by a big margin, remains to be recognized vulnerabilities – or vulnerabilities for which patches are available,” stated Greg Goetz, vp of worldwide strategic companions and MSSP, Tenable. “A successful method contains risk-based prioritization with context-driven analytics to proactively tackle exposures earlier than they change into an issue. Sophos Managed Threat, powered by the Tenable One Publicity Administration Platform, delivers outsourced preventive danger administration, enabling organizations to anticipate assaults and cut back cyber danger.”

Collaborates with the world’s most trusted MDR service

Sophos Managed Threat is offered as an prolonged service with Sophos MDR, which already protects greater than 21,000 organizations globally. The devoted Sophos Managed Threat staff is Tenable-certified and works intently with Sophos MDR to share important details about zero-days, recognized vulnerabilities and publicity dangers to evaluate and examine probably exploited environments. Organizations profit by way of common interplay, together with scheduled conferences with Sophos specialists to evaluation current discoveries, insights into the present risk panorama, and proposals for remediation and prioritizing actions.

For instance, when Sophos discovers a brand new high-risk zero-day vulnerability that might depart a company uncovered, Sophos Managed Threat scans their belongings for the potential for an exploit and proactively notifies the client. Organizations can join with the Sophos Managed Threat staff and conveniently handle vulnerability escalation circumstances alongside MDR investigations in a single unified Sophos console.

Obtainable quickly

With Sophos Managed Threat specialists offering insights into assault floor vulnerabilities, organizations of all sizes can cut back cyber danger, speed up their patching applications, and enhance insurability. The brand new service will probably be out there on the finish of April 2024.

To study extra about Sophos Managed Threat and the way it can help you, visit our website or communicate with a safety skilled at the moment.