Minimizing the risk of supply chain attacks – best practice guidelines

Credit to Author: Doug Aamoth| Date: Wed, 28 Apr 2021 10:00:29 +0000

The recent cyberattack on IT-monitoring company SolarWinds pushed supply chain weaknesses into the spotlight by highlighting just how unprepared many organizations are when it comes to defending against supply chain attacks. These attacks often happen because they don’t know where to start or don’t believe themselves important or high-profile enough to be targeted. In our [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/21_LQ5JquEQ” height=”1″ width=”1″ alt=””/>

Read more

Patching alone is not enough: Investigate your exposure windows

Credit to Author: Greg Iddon| Date: Thu, 25 Mar 2021 12:12:56 +0000

TL;DR Patching alone is not enough Timebox your exposure windows Search your exposure windows for indicators of compromise, misuse, and persistence Microsoft has published guidance for responders Sophos has also published guidance for responders Follow the Sophos Investigative Framework for observables If you are compromised and need assistance, call our Rapid Response team If you’re [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/FrZdlp1VvoM” height=”1″ width=”1″ alt=””/>

Read more

Securing multi-cloud environments in government and public sector organizations

Credit to Author: Sally Adam| Date: Wed, 10 Mar 2021 17:02:12 +0000

Cloud adoption is enabling enterprises across all sectors to collaborate more efficiently especially in today’s highly remote business environment. More specifically, government agencies are implementing multi-cloud infrastructure with their workloads spread across multiple public, private, and edge cloud platforms. According to Gartner, the government cloud spending is expected to grow on an average of 17.1 percent [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/t5hhCdXntQE” height=”1″ width=”1″ alt=””/>

Read more

The importance of adaptability: a day in the life of a Distinguished Engineer

Credit to Author: harrietstone| Date: Tue, 09 Mar 2021 10:31:41 +0000

My role within Sophos is quite unusual because I help to shape innovation across the whole company. Normally a Distinguished Engineer would focus on a particular specialism. However, I work to co-ordinate all our teams and business units and make sure their plans line up to make a coherent whole that works together for our [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/rShTwkTSb_0″ height=”1″ width=”1″ alt=””/>

Read more

Understanding XDR, the latest evolution in threat detection and response

Credit to Author: Maxim Weinstein| Date: Wed, 03 Mar 2021 15:07:49 +0000

A few weeks ago, we published a brief overview of XDR. To summarize, XDR—short for extended detection and response (or sometimes x-product detection and response)—can be defined as: An approach that unifies information from multiple security products to automate and accelerate threat detection, investigation, and response in ways that isolated point solutions cannot. With the [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/08fmKT3NQd0″ height=”1″ width=”1″ alt=””/>

Read more

Try out powerful new XDR and EDR features, now in early access for Intercept X

Credit to Author: Alex Gardner| Date: Wed, 24 Feb 2021 14:00:11 +0000

We are pleased to announce that powerful new Extended Detection and Response (XDR) and Endpoint Detection and Response (EDR) features for Intercept X are now available in early access. The early-access program (EAP) gives you the power to pull in network data sources in addition to those from endpoints and servers, enabling an even more [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/9ZVLO7b6VAo” height=”1″ width=”1″ alt=””/>

Read more