Avanet
Sophos Intercept X Advanced with EDR - Endpoint Detection and Response

The Sophos Central endpoint portfolio is once again being extended with a new product. It is called Sophos Central Intercept X Advanced with EDR, and in this blog post, you’ll find out whether it’s suitable for you.

The Sophos Central endpoint products

Before we look at EDR in more detail, I’d like to briefly show you where the new product fits into Sophos Central. Sophos recently streamlined its endpoint products, rearranging features and renaming products. Including the new EDR product, Sophos currently offers the following options:

EDR - root cause analysis for advanced users

As you can guess from the product name, EDR is an extended feature for Intercept X that, in Sophos’ view, delivers too much added value to be offered as a free update.

The term “EDR” stands for “Endpoint Detection and Response”, and in short, this function is interesting for anyone who wants to investigate the root cause of an attack in more detail. The “Root Cause Analysis” function already built into Intercept X is certainly a good starting point, but EDR goes a step further to provide an even deeper understanding of the extent and impact of an attack.

Where EDR can help

I don’t think I’m far off when I claim that the majority of users don’t really care why Endpoint Protection or Intercept X triggered an alert. The software should simply take care of preventing attacks in the background, ensuring no damage is done to the system. Maybe you see a short message from time to time that a file has been blocked and moved to quarantine – but that’s as much as most people need to know.

Larger companies, however, usually want more precise information and have an internal or external security team that analyzes blocked files or programs in more detail. A blocked exploit by Intercept X could well be just the prelude to a much larger attack.

Intercept X Advanced with EDR helps you detect, investigate, and respond to suspicious activity that might otherwise have gone unnoticed. You can determine for yourself whether it’s a real threat or merely a false positive.

Sophos Central root cause analysis
Sophos Central detected threat cases
Sophos Central root cause analysis detail view

More information

If you are interested in the topic and want to take a closer look at Intercept X Advanced with EDR, we’ve compiled the relevant material for you here.

Webinar: Endpoint Detection and Response (EDR) Explained (50 minutes)

Webinar: Intercept X Advanced with EDR EAP (German)

Demo: Sophos Intercept X Advanced with EDR (22 minutes)

Would you like to see what a marketing video for Intercept X with EDR looks like when neither the people in the video nor the video producers have even remotely understood what EDR actually is? In our opinion, the video is so meaningless that it definitely deserves first place among the worst Sophos videos. So if you currently have nothing better to do and feel like spending 2:11 minutes of your life, here is the link:

Sophos Intercept X Advanced with EDR - try it now!

If you don’t yet have a Sophos Central account, you can create one on the Sophos website and test all functions, including “Sophos Intercept X Advanced with EDR”, free of charge for 30 days.

If you already have a Sophos Central account and the 30-day trial period has expired, you can order a license for “Sophos Intercept X Advanced with EDR” from our shop:

David