Business Strategy
Channel Insights
Stay Connected
Acer America
Acer America Corp. is a computer manufacturer of business and consumer PCs, notebooks, ultrabooks, projectors, servers, and storage products.


333 West San Carlos Street
San Jose, California 95110
United States


ChannelPro Network Awards

hello 2
hello 3


October 9, 2018 |

Sophos Adds EDR Functionality to Intercept X

Available now through an early access program, the new addition to the vendor’s next-generation endpoint security solution allows users to analyze suspicious files and get targeted advice on responding to them from the SophosLabs threat intelligence database.

Sophos Ltd. has unveiled an endpoint detection and response (EDR) add-on for the advanced edition of its Intercept X security solution.

Introduced just over two years ago, Intercept X is a behavior-based endpoint protection solution designed to identify and block both known and entirely new threats in real time. The supplemental technology announced today, which is available immediately through a global pre-release early access program, seeks to help users without security expertise analyze less clearly dangerous files as well and respond to the risks they pose appropriately.

“It allows you without a deep level of sophistication to do your own malware research,” says Dan Schiappa, senior vice president and general manager of products at Sophos Ltd.

Drawing on the same neural networking-based deep learning capabilities Sophos added to Intercept X in January, the new EDR system automatically assesses a suspicious file’s reputation and provides guidance on whether further investigation is warranted. If it is, users can immediately request insights on the file from the threat intelligence database maintained by the vendor’s SophosLabs research unit. SophosLabs analysts study some 400,000 new and unique attack samples daily.

“These are not run-of-the-mill kind of spray and pray pieces of malware,” Schiappa notes. “These are very highly unique, and in some cases very specific to a certain attack.”

Though not a substitute for a security operations center, Intercept X’s EDR functionality is designed to perform many of the same functions. “If you don’t have a SOC, this is going to provide you insights way better than you would have had otherwise,” Schiappa says. “If you do have a SOC, this is something that will add depth of information and add value to what you’ve already invested.”

Either way, he continues, the new system helps channel pros better serve customers without hiring high-priced security experts. “We’re trying to really take the role of a very hard to find security analyst,” Schiappa says.

Organizations that have analysts on staff can use the new EDR product as well to prioritize threats more effectively, he adds. MSPs, meanwhile, can use the system to augment their monthly recurring revenue by adding advanced threat assessment and response assistance to the more basic security services they already deliver.

“This is a product that we think fits right into the MSP wheelhouse,” Schiappa says. “They can look at this as a way to add even more value to their customers and create additional revenue streams.”

Intercept X has included limited detection and response functionality since it first reached market in the form of a root cause analysis component that spots successful breaches, diagnoses what allowed them to happen, identifies compromised files, and recommends follow-up steps. That feature addresses known bad files only, however.

“It’s really just a visualization of the attack that we’ve already detected, and basically the ability for you to understand what happened in that attack,” Schiappa says. “Now we have the ability to actually jump in and look at things that weren’t necessarily convicted but were suspicious.”

Sophos plans to decide when it puts its EDR solution into general availability on results of the early access program, rather than target a preset launch date.

“We’ve done the early access program both times with our previous two Intercept X releases and it’s just been wildly successful,” Schiappa says. “We just get tremendous feedback from customers and partner and our channel partners.”

Sophos partners will have to pay an incremental subscription fee to add EDR support to Intercept X. Members of the vendor’s MSP partner program will have the option of making those payments in monthly installments rather purchasing a multi-year subscription in advance.

At present, EDR functionality is available only for the advanced endpoint security edition of Intercept X. According to Schiappa, however, Sophos will eventually add it to the server edition of Intercept X it shipped in July as well.

Last week, IDC predicted that global outlays on security-related hardware, software, and services will climb from a projected $92.1 billion this year to $133.7 billion in 2022.

Editor’s Choice

Exclaimer is Embracing MSPs With a New Program. Could Email Signatures Be Newest ‘as a Service’ Offering?

February 28, 2024 |

If you never thought email signatures could be a source of recurring revenue, think again. Managing it can help you and your customers monetize email in a way you probably never thought possible.

EXCLUSIVE INTERVIEW: Dell’s New Chief Partner Officer Denise Millard Gets Candid on AI

February 23, 2024 |

Dell’s new chief partner officer believes that 2024 is the year that artificial intelligence becomes “real” for businesses and consumers alike.

EXCLUSIVE INTERVIEW: Nerdio CEO Shares Insights on Integrating AI in MSP Operations

February 22, 2024 |

Fresh off of his company’s recent announcements, Vadim Vladimirskiy shares how Nerdio is committed to leveraging AI and other technologies to enhance the MSP experience.

Related News

Growing the MSP

Explore ChannelPro


Reach Our Audience