Sophos Central Managed Detection and Response Essentials

136,23  - 408,69 


Quantity Unit price
3 - 9 136,23 
10 - 24 86,67 
25 - 49 77,51 
50 - 99 68,74 
100 - 199 64,27 
200 + 62,71 
SKU: sophos-mdr

Sophos Managed Detection and Response – Artificial intelligence mixed with human expertise

With “Sophos Central MDR” you can achieve the highest level of security Sophos can currently offer for the protection of your endpoints (macOS 10.15+, Windows 8.1+). In this bundle, you get all the features of Intercept X Advanced with XDR and the new, enhanced MDR service.

Active threat response by a team of experts – 24/7

With the MDR service, Sophos provides a highly available “Service Operation Center” (SOC). It is the ideal complement for IT administrators who have no free resources to go threat hunting themselves with the XDR tools. It takes highly skilled and specialized personnel to use XDR to proactively scan the network for potential threats and take the correct steps when an attack occurs.
With Sophos Central MDR for Server, you no longer need to look for trained personnel yourself. Sophos provides a team of experts who work 24/7 to combat threats.

Features of MDR

24/7 circumstantial threat hunting

If something is detected on your system that cannot be fixed automatically and requires human expertise, the MDR team is available 24/7. An expert then takes a close look at the critical alert and uses their experience to decide what needs to be done.

Attack detection

The MDR team pays special attention to attacks executed through legitimate processes, such as PowerShell. Such attacks are often successful because they are difficult for monitoring tools to detect. The MDR team uses proprietary analytics to monitor these processes to ensure they are not being misused for malicious purposes.

Security Health Check

The Security Health Check ensures that your Sophos Central products can always operate at maximum performance. To do this, the MDR team looks at your network requirements and makes recommendations for configuration changes.

Activity Reports

You will learn the current state of your systems, what intelligence was gathered during the reporting period, and what threats were averted. A histogram of these reports is then created over the period in which you use the MDR service. With the help of this data, Sophos creates so-called "scorecards", which let you compare your results with previous periods.

Onboarding process with maximum control and transparency

Regardless of whether you choose the normal MDR or MDR Complete variant, you retain control over how autonomously the MDR team should operate. This is regulated right at the beginning in the so-called onboarding process. When you purchase the Sophos MDR service, you can choose from three options that determine what response you expect from the MDR team:


At this level, if the Sophos MDR team has detected a threat case or an attack, it will only inform you about it, but will not take action for you on its own. However, you will get a detailed report about the cause and detection with actionable steps to fix the threat manually.


The Sophos MDR team works with your IT team or even an external consulting firm to respond to the appropriate threats.


Here, the MDR team takes care of containment and neutralization actions completely independently and only informs you about the measures taken.

Included integrations - no additional costs

Security data from the following sources can be integrated free of charge for use by the Sophos MDR team. Telemetry sources are used to increase the visibility of your environment, generate new threat detections, and improve the reliability of existing threat detections.

Sophos XDR

The only XDR platform that combines native endpoint, server, firewall, cloud, email, mobile and Microsoft integrations.

Included in Sophos MDR and Sophos MDR Complete pricing.

Sophos Firewall

Monitor and filter inbound and outbound network traffic to stop advanced threats before they can cause damage.

The product is sold separately; it is integrated at no extra charge.

Sophos Endpoint Protection

Block advanced threats and detect malicious behavior - including attackers posing as legitimate users.

Included in Sophos MDR and Sophos MDR Complete pricing.

Sophos Email

Protect your inbox from malware and benefit from advanced AI that prevents targeted identity deception and phishing attacks.

The product is sold separately; it is integrated at no extra charge.

Sophos Cloud

Stop cloud attacks and get visibility into your critical cloud services, including AWS, Azure, and Google Cloud Platform.

The product is sold separately; it is integrated at no extra charge.

90-Days Data Retention

Stores data from all Sophos products and all third-party (non-Sophos) products in the Sophos Data Lake.

Included in Sophos MDR and Sophos MDR Complete pricing.

Microsoft Graph Security

  • Microsoft Defender for Endpoint
  • Microsoft Defender for Cloud
  • Microsoft Defender for Cloud Apps
  • Microsoft Defender for Identity
  • Identity Protection (Azure AD)
  • Microsoft Azure Sentinel
  • Office 365 Security and Compliance Center
  • Azure Information Protection

Office 365 Management Activity

Provides information about user, admin, system, and policy actions and events from Office 365 and Azure Active Directory activity logs

Third-Party Endpoint Protection

Compatible with ...

  • Microsoft
  • CrowdStrike
  • SentinelOne
  • Check Point
  • Trend Micro
  • BlackBerry (Cylance)
  • McAfee
  • Malwarebytes

Add-on integrations

Security data from the following third-party sources can be integrated into the Sophos MDR operations team by purchasing Integration Packs.


Compatible with ...

  • Palo Alto Networks
  • Fortinet
  • Check Point
  • Cisco
  • SonicWall

Public Cloud

Compatible with ...

  • AWS
  • Microsoft Azure
  • Orca Security
  • Google Cloud


Compatible with ...

  • Okta
  • Duo

Network Security

Compatible with ...

  • Darktrace
  • Forcepoint
  • McAfee (web gateway)


Compatible with ...

  • Proofpoint
  • Mimecast

1-Year Data Retention

Stores data from all Sophos products and all third-party (non-Sophos) products in the Sophos Data Lake.

Technical Specifications

Compare the feature set of Sophos’s various endpoint products to protect your clients. Not sure which protection best suits your business? We advise you free of charge and completely without obligation.

Intercept X Essentials
Intercept X Advanced
Intercept X Advanced with XDR
Sophos MDR Essentials
Sophos MDR Complete

Multiple guidelines -
Controlled updates -
Application Control -
Peripheral control -
Web Control/Category-based URL Filtering -
Download reputation
Web Security
Deep learning malware detection
Anti-malware file scans
Live Protection
Behavioral analysis before execution (HIPS)
Blocking potentially unwanted applications (PUAs)
Intrusion Prevention System (IPS)
Data Loss Prevention
Runtime behavior analysis (HIPS)
Antimalware Scan Interface (AMSI)
Malicious Traffic Detection (MTD)
Exploit Prevention
Active Adversary Mitigations
Ransomware File Protection (CryptoGuard)
Disk and Boot Record Protection (WipeGuard)
Man-in-the-Browser Protection (Safe Browsing)
Improved application lockdown
Live Discover (cross-environmental SQL queries for threat hunting and security compliance) - -
SQL query library (pre-formulated, customizable queries) - -
Data storage on hard disk (up to 90 days) with fast data access - -
Cross-product data sources (e.g. firewall, e-mail) - -
Cross-product queries - -
Sophos Data Lake (cloud data storage) - - 30 days 90 days 90 days
Scheduled queries - -
Threat cases (root cause analysis) -
Deep Learning Malware Analysis - -
Advanced threat data from SophosLabs on demand - -
Export of forensic data - -
Automated malware removal
Synchronized Security Heartbeat
Sophos Clean
Live Response (remote terminal access for further analysis and response measures) - -
On-Demand Endpoint Isolation - -
With one click "Remove and block" - -
24/7 evidence-based threat hunting - - -
Compatible with third-party security tools - - -
Security Health Checks - - -
Activity Reports - - -
Sophos MDR ThreatCast - - -
Attack detection - - -
Stop and contain threats - - -
Direct telephone support for incidents - - -
24/7 circumstantial threat hunting - - - -
Proactive Security Posture Management - - - -
Full incident response: complete neutralization of threats - - - -
Root cause analysis – and how can renewed attacks be prevented? - - - -
Dedicated contact person at the Incident Response Team - - - -
