Adaptive Attack Protection is a strong and distinctive differentiator in Sophos Endpoint. It dynamically allows heightened defenses when a “hands-on-keyboard” assault is detected. In this elevated mode of safety, actions which are normally benign however generally abused by attackers are blocked outright by Sophos Endpoint – dramatically lowering the probability of the assault’s success and supplying you with extra time to neutralize the risk.
Watch this 2-minute video for an summary of Sophos Adaptive Attack Protection.
As attackers proceed to innovate of their approaches, we’ve got prolonged this distinctive safety with extra capabilities that additional defend Sophos Endpoint clients towards energetic adversaries.
Greater Protection, More Control, Increased Visibility
This Sophos-exclusive safety functionality is now even stronger. All Sophos Endpoint clients now profit from a variety of important enhancements:
- Greater safety. Customers now have the choice to use particular Adaptive Attack Protection blocking guidelines persistently through new coverage settings of their Sophos Central cloud-based administration console.
- More management. Customers can now manually activate (and deactivate) Adaptive Attack Protection on a tool to use extra aggressive safety whereas investigating suspicious exercise – best for situations the place totally isolating the gadget from the community might trigger important operational disruption to the group. You also can prolong the time that Adaptive Attack Protection is activated on a tool to present extra time to finish an investigation.
- Increased visibility. New Adaptive Attack Protection occasions and alerts notify you when a tool is beneath assault and urge responders to take motion to neutralize the risk.
New handbook controls for Adaptive Attack Protection.
New alerts notify clients when Adaptive Attack Protection is activated on a tool.
New Safe Mode Protection
When adversaries fail to interrupt by means of runtime safety layers on an endpoint, they usually try and restart the gadget into Safe Mode, the place safety software program just isn’t current or minimal. Sophos Endpoint now protects towards adversary abuse of Safe Mode with two new capabilities:
- Block protected mode abuse: A brand new Adaptive Attack Protection persistent coverage rule is now out there that forestalls adversaries from programmatically restarting units into Safe Mode.
- Enable safety in protected mode: Sophos Endpoint safety capabilities, together with our unmatched CryptoGuard anti-ransomware know-how and AI-powered malware safety, can now be enabled on units operating in Safe Mode.
New protected mode safety coverage settings.
Adaptive Attack Protection is offered to all Sophos Endpoint clients as we speak.
To study extra about Sophos Endpoint and the way it might help your group higher defend towards as we speak’s superior assaults, converse with a Sophos adviser or your Sophos accomplice as we speak.