Sophos Central Intercept X Advanced with XDR

Description

With Intercept X Advanced with XDR, you get the complete package that Sophos has to offer in the area of endpoint protection. It includes all the features of the classic "Endpoint Protection" with "Intercept X" for protection against ransomware and exploits. As the name of the product suggests, however, you also buy the "XDR" function here.

XDR means "Extended Detection and Response" and is interesting for all those who want to get to the bottom of the cause of an attack in more detail or, in certain companies, have to. XDR is therefore used when, for example, a malware has been blocked or an exploit has been prevented. It could be that a thwarted attack is just a harbinger of a much larger attack. XDR can be seen in our eyes as an extension of the "Root Cause Analysis" already included in Intercept X, simply with many more possibilities.

Extensive expertise at a relatively low price

Intercept X Advanced with XDR takes over the tasks normally performed by experienced analysts. However, Intercept X Advanced with XDR does not rely on humans to ask questions and interpret data, as other EDR solutions do. Sophos's product is based on machine learning and complemented by intelligence from "SophosLabs".

Artificial security expertise at its best

Intercept X Advanced with XDR automatically detects and prioritizes potential threats and forwards the findings to IT. Machine learning is used to identify suspicious events and sort them by importance. This allows analysts to quickly identify where they should focus their attention and understand which computers may be affected.

Malware expertise

Most companies rely on malware experts who specialize in reverse engineering to analyze suspicious files. This approach is not only time-consuming, but also requires a high standard of cybersecurity that most organizations do not meet. Intercept X Advanced with XDR offers a better approach. By leveraging "deep learning malware analysis," it automatically analyzes malware in extreme detail, breaking down file attributes and code and comparing it to millions of other files. It is then easy for analysts to identify which attributes and code segments are similar to good or bad files. This can very efficiently determine whether a file should be blocked or allowed.

To see the product in action, be sure to check out the videos linked below!

Technical Specifications

Compare the feature set of Sophos’s various endpoint products to protect your clients. Not sure which protection best suits your business? We advise you free of charge and completely without obligation.

	Intercept X Essentials About the product	Intercept X Advanced About the product	Intercept X Advanced with XDR About the product	Sophos MDR Essentials About the product	Recommended Sophos MDR Complete About the product
Multiple guidelines	-	✔	✔	✔	✔
Controlled updates	-	✔	✔	✔	✔
Application Control	-	✔	✔	✔	✔
Peripheral control	-	✔	✔	✔	✔
Web Control/Category-based URL Filtering	-	✔	✔	✔	✔
Download reputation	✔	✔	✔	✔	✔
Web Security	✔	✔	✔	✔	✔
Deep learning malware detection	✔	✔	✔	✔	✔
Anti-malware file scans	✔	✔	✔	✔	✔
Live Protection	✔	✔	✔	✔	✔
Behavioral analysis before execution (HIPS)	✔	✔	✔	✔	✔
Blocking potent. Unwanted applications (PUAs)	✔	✔	✔	✔	✔
Intrusion Prevention System (IPS)	✔	✔	✔	✔	✔
Data Loss Prevention	✔	✔	✔	✔	✔
Runtime behavior analysis (HIPS)	✔	✔	✔	✔	✔
Antimalware Scan Interface (AMSI)	✔	✔	✔	✔	✔
Malicious Traffic Detection (MTD)	✔	✔	✔	✔	✔
Exploit Prevention	✔	✔	✔	✔	✔
Active Adversary Mitigations	✔	✔	✔	✔	✔
Ransomware File Protection (CryptoGuard)	✔	✔	✔	✔	✔
Disk and Boot Record Protection (WipeGuard)	✔	✔	✔	✔	✔
Man-in-the-Browser Protection (Safe Browsing)	✔	✔	✔	✔	✔
Improved application lockdown	✔	✔	✔	✔	✔
Live Discover (cross-environmental SQL queries for threat hunting and security compliance)	-	-	✔	✔	✔
SQL query library (pre-formulated, customizable queries)	-	-	✔	✔	✔
Data storage on hard disk (up to 90 days) with fast data access	-	-	✔	✔	✔
Cross-product data sources (e.g. firewall, e-mail)	-	-	✔	✔	✔
Cross-product queries	-	-	✔	✔	✔
Sophos Data Lake (cloud data storage)	-	-	30 days	90 days	90 days
Scheduled queries	-	-	✔	✔	✔
Threat cases (root cause analysis)	-	✔	✔	✔	✔
Deep Learning Malware Analysis	-	-	✔	✔	✔
Advanced threat data from SophosLabs on demand	-	-	✔	✔	✔
Export of forensic data	-	-	✔	✔	✔
Automated malware removal	✔	✔	✔	✔	✔
Synchronized Security Heartbeat	✔	✔	✔	✔	✔
Sophos Clean	✔	✔	✔	✔	✔
Live Response (remote terminal access for further analysis and Response measures)	-	-	✔	✔	✔
On-Demand Endpoint Isolation	-	-	✔	✔	✔
With one click "Remove and block	-	-	✔	✔	✔
24/7 evidence-based threat hunting	-	-	-	✔	✔
Compatible with third-party security tools	-	-	-	✔	✔
Security Health Checks	-	-	-	✔	✔
Activity Reports	-	-	-	✔	✔
Sophos MDR ThreatCast	-	-	-	✔	✔
Attack detection	-	-	-	✔	✔
Stop and contain threats	-	-	-	✔	✔
Direct telephone support for incidents	-	-	-	✔	✔
24/7 circumstantial threat hunting	-	-	-	-	✔
Proactive Security Posture Management	-	-	-	-	✔
Full incident response: complete neutralization of Threats	-	-	-	-	✔
Root cause analysis – and how can renewed attacks be prevented?	-	-	-	-	✔
Dedicated contact person at the Incident Response Team	-	-	-	-	✔