We’re happy to announce new features for the Sophos AI Assistant, which puts simpler case triage and investigation, MDR-grade expertise, guided workflows, and real-time threat hunting directly in the hands of every Sophos XDR and MDR customer.
What’s the Sophos AI Assistant?
The Sophos AI Assistant is an integrated feature in Sophos Central that uses large language models (LLMs) and natural language understanding to enable all users, from IT generalists to experienced SOC analysts, to query security telemetry, enrich investigations, and take investigative actions without needing to write SQL-like queries.
It isn’t just another AI tool: it’s expertise from the team behind the world’s leading Managed Detection and Response service, distilled into an intelligent agent. The AI Assistant is included for all Sophos XDR and MDR customers at no extra cost.
With this release, the Sophos AI Assistant has been enhanced to support two key roles:
- Security Analyst – Focused on case investigation and triage.
- Threat Hunter – Focused on proactive, exploratory investigations across the environment.
Getting started with the AI Assistant
Key capabilities in this release
- Updated navigation in Sophos Central
The Sophos AI Assistant is now accessible from a new “AI” menu in the Sophos Central Admin console. This update reflects the growing importance of AI-powered tools in analyst workflows and ensures easier access to AI-driven insights and actions, whether you’re responding to alerts, investigating incidents, or proactively hunting threats.
- New Security Analyst and Threat Hunter assistants
This release introduces a new AI assistant:
- Security Analyst assistant: Designed for triage, case management, and investigation tasks.
- Threat Hunting assistant: Adds support for proactive hunting workflows, allowing analysts to explore telemetry, craft queries, and investigate suspicious behavior across the estate.
Together, these new context-aware assistants unify reactive and proactive capabilities under a single, AI-powered interface.
- Contextual workflows based on analyst role
The AI Assistant now pulls in context based on the function an analyst is performing:
- Security Analysts receive case-aware prompts, enrichment support, and streamlined investigation flows.
- Threat Hunters are provided with advanced search suggestions, guided telemetry pivots, and custom prompt templates.
Whether you’re summarizing case findings or exploring detection anomalies, the AI Assistant ensures a seamless and role-aligned experience.
- Smart prompt starters and in-workflow help
To reduce onboarding friction and improve usability, Sophos has introduced intelligent prompt suggestions tailored to common SOC activities. From device analysis to trend reviews, the AI Assistant helps you frame effective queries and make informed decisions, without needing deep familiarity with query languages or telemetry schemas.
Use cases in action
- Alert triage: Quickly summarize the context and related detections
- Investigation: Trace lateral movement using command-line data or user behavior
- Threat hunting: Search for PowerShell execution anomalies over time
- Enrichment: Perform live lookups on hashes, IPs, or domains
You can even add AI Assistant outputs directly into your case notebooks, ensuring that your insights and steps are preserved for auditing or handover.
Sophos Central Documentation – AI Assistant Use Cases
How to write effective prompts
We’ve published a new best practices guide for writing effective AI prompts. This guide helps you frame questions more clearly and precisely to ensure high-quality results from the AI Assistant.
Tips include:
- Be specific: Include device names, time ranges, or detection types
- Give context: Tie the prompt to a case or alert when possible
- Define format: Ask for lists, tables, or summaries if needed
How to craft effective prompts
Ready to try it?
Log in to Sophos Central today and start working with your new AI teammate.