Sophos Firewall launched Lively Risk Response in v20, which enabled Sophos MDR and XDR analysts to set off an automatic block response for an energetic adversary on the community.
Now, Taegis MDR and XDR prospects can even reap the benefits of this functionality, which dramatically reduces response instances in an energetic assault.
The way it works
If an analyst identifies a brand new menace speaking out to a command and management server, or a distant attacker, they will push that compromised area, IP, or URL to Sophos Firewall from the Taegis portal by way of the Sophos Central backend. The firewall will then begin coordinating a protection instantly and routinely, with out the necessity for handbook intervention or new firewall guidelines.
As you possibly can see from this demo, it couldn’t be simpler to right away block suspicious or malicious community communications:
Response instances go from hours or days to seconds
As you possibly can think about, if a brand new energetic assault is found late on a Friday earlier than an extended weekend, in another state of affairs it may take a number of days earlier than somebody can log into their firewall and block the menace.
However with Sophos Firewall and Taegis MDR or XDR, analysts can set off an automatic response inside seconds. That’s a key advantage of the Sophos platform: enabling data and telemetry sharing between merchandise to facilitate an automatic response to energetic assaults.
The way to get it
When you’re not already a Sophos Firewall buyer, get began at present with a free trial and see first-hand how Sophos Firewall can rework your community safety.
Interested by MDR? Be taught extra about how Sophos MDR providers mix easy-to-use, AI-driven expertise with world-class safety specialists who monitor, forestall, detect, and reply to threats 24/7.
