Exploited unpatched vulnerabilities are the main root reason for profitable assaults, as reported in Sophos’ 2024 Ransomware Report.
The trendy assault floor has expanded past conventional on-premises IT boundaries, with organizations working often unknown numbers of exterior and internet-facing belongings which are unpatched or below protected, leaving them weak to cyberattackers.
Given this urgent want, we’re excited to introduce Sophos Managed Danger, powered by Tenable. This new service permits organizations to search out and get rid of blind spots and keep forward of potential assaults by clearly understanding and prioritizing the very best danger exposures, with knowledgeable steerage from Sophos’ devoted staff.
Sophos Managed Danger delivers:
Assault floor visibilityThe trendy assault floor continues to develop past the borders of conventional IT, and most organizations now have internet-facing belongings they don’t understand they personal, offering simple targets for menace actors. Sophos Managed Danger discovers the group’s internet-facing belongings and analyzes their exterior assault floor.
Steady monitoringIn-house IT and safety groups might lack the deep information and expertise of the exploitation panorama wanted to totally perceive the safety posture of their group’s assault floor. Sophos Managed Danger offers knowledgeable steerage and helps set remediation priorities.
Danger-based vulnerability prioritizationNew vulnerabilities are found sooner than most organizations can repair them. Understanding which of them are related and during which order to patch them is a big problem. Sophos Managed Danger identifies and prioritizes exposures utilizing intensive vulnerability protection and risk-based prioritization expertise from Tenable.
Proactive notification of high-risk exposuresAttackers search for weaknesses within the setting lengthy earlier than organizations know they’re there. Figuring out high-risk exposures shortly is essential. Sophos Managed Danger offers proactive notification when new essential vulnerabilities are found that have an effect on the group’s belongings.
“One of many greatest challenges organizations face when bettering their safety posture is prioritizing what to deal with first. This sort of steerage helps remedy that concern and reduces the workload for safety groups tasked with tackling vulnerability and publicity administration,” mentioned Craig Robinson, analysis vice chairman of Safety Providers, IDC. “Options akin to Sophos Managed Danger could be a differentiator by enabling overwhelmed groups to take a extra holistic method to steady monitoring and menace administration.”
The Sophos-Tenable Alliance
Sophos Managed Danger combines industry-leading expertise from Tenable with menace experience from Sophos, delivered as a proactive assault floor administration service. This distinctive partnership brings collectively two extremely revered cybersecurity market leaders to ship superior safety outcomes for purchasers and companions.
“Sophos and Tenable are two {industry} safety leaders coming collectively to deal with pressing, pervasive safety challenges that organizations constantly battle to manage. We will now assist organizations determine and prioritize the remediation of vulnerabilities in exterior belongings, units and software program which are usually missed. It’s essential that organizations handle these publicity dangers, as a result of unattended, they solely result in extra expensive and time-consuming points and are sometimes the foundation causes of serious breaches,” mentioned Rob Harrison, senior vice chairman for endpoint and safety operations product administration at Sophos. “We all know from Sophos’ worldwide survey knowledge that 32% of ransomware assaults begin with an unpatched vulnerability and that these assaults are the most costly to remediate. The best safety layers to forestall these points embody an energetic method to bettering safety postures by minimizing the probabilities of a breach with Sophos Managed Danger, Sophos Endpoint, and 24×7 Sophos MDR protection.”
“Whereas the most recent zero day might dominate the headlines, the largest menace to organizations, by a big margin, continues to be recognized vulnerabilities – or vulnerabilities for which patches are available,” mentioned Greg Goetz, vice chairman of world strategic companions and MSSP, Tenable. “A successful method consists of risk-based prioritization with context-driven analytics to proactively deal with exposures earlier than they change into an issue. Sophos Managed Danger, powered by the Tenable One Publicity Administration Platform, delivers outsourced preventive danger administration, enabling organizations to anticipate assaults and cut back cyber danger.”
Collaborates with the world’s most trusted MDR service
Sophos Managed Danger is on the market as an prolonged service with Sophos MDR, which already protects greater than 21,000 organizations globally. The devoted Sophos Managed Danger staff is Tenable-certified and works intently with Sophos MDR to share important details about zero-days, recognized vulnerabilities and publicity dangers to evaluate and examine presumably exploited environments. Organizations profit by way of common interplay, together with scheduled conferences with Sophos consultants to evaluation latest discoveries, insights into the present menace panorama, and proposals for remediation and prioritizing actions.
For instance, when Sophos discovers a brand new high-risk zero-day vulnerability that might go away a corporation uncovered, Sophos Managed Danger scans their belongings for the potential for an exploit and proactively notifies the shopper. Organizations can join with the Sophos Managed Danger staff and conveniently handle vulnerability escalation circumstances alongside MDR investigations in a single unified Sophos console.
Out there quickly
With Sophos Managed Danger consultants offering insights into assault floor vulnerabilities, organizations of all sizes can cut back cyber danger, speed up their patching packages, and enhance insurability. The brand new service will likely be accessible on the finish of April 2024.
To be taught extra about Sophos Managed Danger and the way it can help you, go to our web site or communicate with a safety knowledgeable at this time.