Include:
Tech
Cybersecurity
Business Strategy
Channel Insights
Stay Connected
Acer America
Acer America Corp. is a computer manufacturer of business and consumer PCs, notebooks, ultrabooks, projectors, servers, and storage products.

Location

333 West San Carlos Street
San Jose, California 95110
United States

WWW: acer.com

ChannelPro Network Awards

hello 2
hello 3

News

January 30, 2018 |

Sophos Rolls Out Major Update of Next-Gen Endpoint Security Solution

The latest edition of Intercept X includes new malware detection functionality powered by a deep learning engine, as well as an extensive series of new anti-exploit safeguards.

Security vendor Sophos Ltd. has shipped a major new update of its Intercept X product with neural networking-based deep learning capabilities and enhanced exploit protections.

Introduced in September 2016, Intercept X is a next-generation endpoint security solution equipped with anti-ransomware and anti-exploit features that are designed to block never-before-seen attacks before they execute. The original edition, which has been available in a subscription-priced version targeted at MSPs since November 2016, also included root cause analysis functionality that helps companies diagnose successful breaches and a module called Sophos Clean that hunts down and eliminates spyware and other forms of deeply embedded malware.

The new edition adds malware detection functionality powered by a deep learning engine armed with neural networking technology. While machine learning systems can study tens of millions of virus samples, according to Sophos, Intercept X’s deep learning component can process hundreds of millions.

That makes the new feature, which takes up just 20 MB of storage space, a good counterpart to the malware sample repository maintained by the Sophos Labs research unit, which contains hundreds of millions of files and gains roughly 300,000 more every day.

In testing Sophos conducted over a six-week period, Intercept X was 150 to 400 percent better on a week-over-week basis at detecting previously unidentified strains of malware than traditional endpoint security solutions, and 10 to 60 percent better than competing systems with built-in machine learning. The system was no more likely than its competitors to produce false positive readings.

“If you are having too many false positives, IT administrators are running around white listing stuff and employees are not as productive because something that they’re using for their job has now been triggered as malicious,” observes Dan Schiappa, senior vice president and general manager of products at Sophos. “It just becomes a lot of noise in the system.”

New exploit protections in the updated edition of Intercept X include active adversary mitigations that guard against credential theft, “code cave” attacks, in which malicious code hides within legitimate programming, and application procedure calls of the sort used recently in the WannaCry and NotPetya viruses.

Other enhancements include protections against process privilege escalation and remote reflective DLL injection, a technique attackers can use to move between processes. New application lockdown functionality isolates software acting in unusual ways, such as a browser attempting to execute a Microsoft PowerShell script.

“We’re able to understand the typical behaviors of an application and ensure that it doesn’t operate outside those behaviors,” Schiappa says.

Also new to Intercept X in the latest edition is “synchronized application control” functionality that allows endpoints to collaborate with the Sophos XG Firewall on preventing software from evading firewall-level security policies. Companies with a signature-based policy against use of unauthorized video chat software, for example, could employ that feature to block a system trying to slip past the firewall undetected by disguising itself as something else.

“Because there’s a tight connection between the two [products], we can accurately tell the firewall specifically what that app is,” Schiappa states. Sophos last updated XG Firewall in October.

The new Intercept X release is available today at a standard MSRP of $20 to $40 per user for one year, with discounts for higher-volume and longer-term orders. Existing users, who have begun receiving it today, get the software at no additional charge.

The update arrives on the same day as new research from Sophos illustrating how badly businesses need help with exploits and ransomware. The study of more than 2,700 IT decision-makers from midsize businesses in 10 countries found that more than 50 percent of organizations have no anti-exploit protection.

Over half of surveyed companies were struck by ransomware last year, furthermore, even though more than 75 percent of those businesses had up-to-date endpoint security software at the time. Factoring in ransom payments, downtime, labor, hardware and network costs, and other expenses, the median financial impact of those breaches was $133,000. Five percent of survey participants suffered $1.3 to $6.6 million in total costs.

According to Schiappa, figures like those reflect the mounting dangers of a threat landscape in which underworld entrepreneurs selling ransomware and exploits as subscription-based services must continually invent effective new techniques to keep their customers satisfied.

“If I’m a hacker and I’m paying money to a subscription and they’re giving me stuff that keeps getting blocked, I’m going to stop paying that money,” he says. “What you’re seeing is just a massive leap in innovation and speed in innovation from the bad guys.”

Next-generations solutions like Intercept X that can block attacks too new to appear in black lists, he continues, are an essential supplement to traditional endpoint security systems. In fact, about 90 percent of Intercept X users run the system alongside the more traditional Sophos Central Endpoint Advanced, Schiappa says, and another 10 percent use Intercept X alongside a competitor’s endpoint security system.


Editor’s Choice

MSP360 Bolsters Managed Backup Solution With Full Sharepoint Backup and Restore, Object Lock, and More

March 25, 2024 |

MSP360 CEO Brian Helwig details the latest improvements in its managed backup solutions and teases some new opportunities down the road for its partners in an exclusive ChannelPro interview.

Peer to Peer: Aurora’s Philip de Souza shares his secrets to creating a successful MSSP

March 19, 2024 | Philip de Souza

“It’s important that we understand when it comes to this whole MSP world that it’s all about the customer.”

Evolving State AI Regulations: Best Practices for Mitigating Risk

March 14, 2024 | Anurag Lal

While AI technologies can unlock tremendous business value, they also have potential risks.


Related News

Growing the MSP

Explore ChannelPro

Events

Reach Our Audience