Sophos X-Ops: the new Sophos task force

The cybersecurity company brings together the SophosLabs, Sophos SecOps and Sophos AI teams in Sophos X-Ops to support companies in defending against cyberattacks.

Sophos, a global company operating in the latest generation of IT security, announces the founding of Sophos X-Ops, a new cross-functional business unit that connects three Sophos cybersecurity expert groups, SophosLabs, Sophos SecOps and Sophos AI, to help companies better defend themselves against increasingly sophisticated and ever-evolving cyberattacks.

Sophos X-Ops leverages real-time threat intelligence from in-depth field research conducted by the three teams working together to deliver even more powerful and innovative protection, detection and response capabilities.

Sophos also published the research “OODA: Sophos X-Ops takes on growing SQL Server attacks”, which analyzes the increase in attacks against Microsoft SQL servers and how cybercriminals used a fake download site and remote access tools obtained from the gray market to distribute various ransomware families.

Sophos X-Ops detected and blocked these attacks because Sophos X-Ops teams pooled their respective knowledge of relevant incidents, analyzed them together, and quickly took the necessary actions to contain and neutralize the adversaries.

“Modern cybersecurity is becoming a highly interactive team sport, and as the industry matures, the need for expertise in analysis, engineering and research has emerged. Scalable end-to-end enterprises must now bring together software developers, automation engineers, malware analysts, reverse engineering experts, cloud infrastructure specialists, emergency response personnel, data engineers, data scientists and many other specialists, and they all need an organizational structure without silos,” stated Joe Levy, Chief Technology and Product Officer at Sophos. “We have brought together three experienced and globally recognized Sophos teams to achieve this wealth of industry and process critical expertise. United in Sophos X-Ops, they can now leverage each other’s strengths, including telemetry analytics collected from more than 500,000 customers worldwide, state-of-the-art threat hunting capabilities, response and remediation capabilities, and rigorous artificial intelligence to measurably improve detection and response skills. Attackers are often too organized and sophisticated to combat without the combination of skills and operational effectiveness of a combined task force like Sophos X-Ops.”

Speaking in March 2022 at the Detroit Economic Club on cooperation between the FBI and the private sector to tackle cybercrime, FBI Director Christopher Wray stated: “What partnerships allow us to do is hit our adversaries at every possible point, from the victims’ ‘networks’ to the hackers’ computers, because when it comes to the FBI’s cyber strategy, we know we’re trying to stand in front of the door and answer the questions Shots don’t make us take home the result. We hit three targets: cybercriminals, their infrastructure and money, achieving the most lasting effect by working with all our partners and thus hitting all three targets.”

Sophos X-Ops takes a similar approach: collecting and using threat intelligence from its multidisciplinary teams to block attackers as quickly as possible, avoiding or minimizing damage from ransomware, espionage and other cybercrimes that can affect companies of all kinds and sizes, and cooperating with the authorities to neutralize the attackers’ infrastructure. While the three teams already share information regularly, the formal creation of Sophos X-Ops leads to a faster, streamlined approach to dealing with equally fast adversaries.

“Effective cyber security requires solid collaboration at every level, both internally and externally. It’s the only way to detect, analyze and combat cybercriminals quickly and at scale. Bringing these separate teams together in Sophos X-Ops shows how Sophos understands this principle and acts accordingly,” commented Michael Daniel, president and CEO of the Cyber Threat Alliance.

Sophos X-Ops also represents a stronger interdisciplinary foundation for innovation, an essential element of cybersecurity due to the aggressive evolution of organized cybercrime. Combining the expertise of each team, Sophos is the first to leverage the concept of an AI-powered Security Operations Center (SOC) that predicts analyst intent and suggests appropriate defensive actions. Sophos believes that in the SOC of the future, this approach can dramatically accelerate security workflows and the ability to detect and respond more quickly to new priority indicators of compromise.

“The cybercriminal community has figured out how to work together to mask parts of attacks while also creating new ways to evade detection and exploit any software’s weaknesses to exploit them on a massive scale. The umbrella represented by Sophos X-Ops is a good example of how to draw inspiration from villain tactics by enabling cross-disciplinary collaboration between different internal teams specializing in threat intelligence,” concluded Craig Robinson, research vice president, Security Services at IDC. “Combining the ability to leverage broad threat intelligence expertise with AI-powered capabilities within SOCs enables businesses to better predict and prepare for upcoming as well as future attacks.”
