Exploited unpatched vulnerabilities are the main root reason behind profitable assaults, as reported in Sophos’ 2024 Ransomware Report.
The trendy assault floor has expanded past traditional on-premises IT boundaries, with organizations working continuously unknown numbers of exterior and internet-facing property which might be unpatched or below protected, leaving them weak to cyberattackers.
Given this urgent want, we’re excited to introduce Sophos Managed Risk, powered by Tenable. This new service allows organizations to search out and eradicate blind spots and keep forward of potential assaults by clearly understanding and prioritizing the very best danger exposures, with knowledgeable steerage from Sophos’ devoted crew.
Sophos Managed Risk delivers:
- Attack floor visibility
The trendy assault floor continues to develop past the borders of conventional IT, and most organizations now have internet-facing property they don’t notice they personal, offering simple targets for menace actors. Sophos Managed Risk discovers the group’s internet-facing property and analyzes their exterior assault floor. - Continuous monitoring
In-house IT and safety groups could lack the deep information and expertise of the exploitation panorama wanted to totally perceive the safety posture of their group’s assault floor. Sophos Managed Risk offers knowledgeable steerage and helps set remediation priorities. - Risk-based vulnerability prioritization
New vulnerabilities are found quicker than most organizations can repair them. Understanding which of them are related and wherein order to patch them is a big problem. Sophos Managed Risk identifies and prioritizes exposures utilizing in depth vulnerability protection and risk-based prioritization expertise from Tenable. - Proactive notification of high-risk exposures
Attackers search for weaknesses within the atmosphere lengthy earlier than organizations know they’re there. Identifying high-risk exposures shortly is essential. Sophos Managed Risk offers proactive notification when new crucial vulnerabilities are found that have an effect on the group’s property.
“One of the biggest challenges organizations face when improving their security posture is prioritizing what to handle first. This type of guidance helps solve that issue and reduces the workload for security teams tasked with tackling vulnerability and exposure management,” mentioned Craig Robinson, analysis vp of Security Services, IDC. “Solutions such as Sophos Managed Risk can be a differentiator by enabling overwhelmed teams to take a more holistic approach to continuous monitoring and threat management.”
The Sophos-Tenable Alliance
Sophos Managed Risk combines industry-leading expertise from Tenable with menace experience from Sophos, delivered as a proactive assault floor administration service. This distinctive partnership brings collectively two extremely revered cybersecurity market leaders to ship superior safety outcomes for purchasers and companions.
“Sophos and Tenable are two industry security leaders coming together to address urgent, pervasive security challenges that organizations continuously struggle to control. We can now help organizations identify and prioritize the remediation of vulnerabilities in external assets, devices and software that are often overlooked. It is critical that organizations manage these exposure risks, because unattended, they only lead to more costly and time-consuming issues and are often the root causes of significant breaches,” mentioned Rob Harrison, senior vp for endpoint and safety operations product administration at Sophos. “We know from Sophos’ worldwide survey data that 32% of ransomware attacks start with an unpatched vulnerability and that these attacks are the most expensive to remediate. The ideal security layers to prevent these issues include an active approach to improving security postures by minimizing the chances of a breach with Sophos Managed Risk, Sophos Endpoint, and 24×7 Sophos MDR coverage.”
“While the latest zero day may dominate the headlines, the biggest threat to organizations, by a large margin, is still known vulnerabilities – or vulnerabilities for which patches are readily available,” mentioned Greg Goetz, vp of worldwide strategic companions and MSSP, Tenable. “A winning approach includes risk-based prioritization with context-driven analytics to proactively address exposures before they become a problem. Sophos Managed Risk, powered by the Tenable One Exposure Management Platform, delivers outsourced preventive risk management, enabling organizations to anticipate attacks and reduce cyber risk.”
Collaborates with the world’s most trusted MDR service
Sophos Managed Risk is on the market as an prolonged service with Sophos MDR, which already protects greater than 21,000 organizations globally. The devoted Sophos Managed Risk crew is Tenable-certified and works carefully with Sophos MDR to share important details about zero-days, identified vulnerabilities and publicity dangers to evaluate and examine probably exploited environments. Organizations profit by common interplay, together with scheduled conferences with Sophos consultants to assessment latest discoveries, insights into the present menace panorama, and proposals for remediation and prioritizing actions.
For instance, when Sophos discovers a brand new high-risk zero-day vulnerability that might depart a corporation uncovered, Sophos Managed Risk scans their property for the opportunity of an exploit and proactively notifies the client. Organizations can join with the Sophos Managed Risk crew and conveniently handle vulnerability escalation circumstances alongside MDR investigations in a single unified Sophos console.
Available quickly
With Sophos Managed Risk consultants offering insights into assault floor vulnerabilities, organizations of all sizes can scale back cyber danger, speed up their patching applications, and enhance insurability. The new service shall be accessible on the finish of April 2024.
To study extra about Sophos Managed Risk and the way it can help you, go to our web site or communicate with a safety knowledgeable as we speak.