Cyber Security Elements by NSS

News

5 Jan

Mac malware is on the rise. While Apple does provide system protection for MacOS Sierra, dangerous infections that can wreak havoc are consistently being developed and deployed by cybercriminals.

That’s why we created Sophos Home to protect every Mac in your home with business-grade security. To show you just what Sophos Home is made of, independent testing lab AV-Test put it to the test, along with 11 other MacOS security tools.

Our free commercial-grade home security was able to detect 100 percent of the Mac malware the testing lab threw at it, placing us at the top of the pack! Plus, it fully removed all the malware samples.

 

Read the full report to find out how we did in all areas of the testing. And, most importantly, ensure your Mac stays ahead of the threats – download Sophos Home for FREE today!

You can read the original article, here.

23 Dec

We are excited to announce that we are introducing a new way of experiencing LogPoint! LogPoint Free is a completely free version of LogPoint, which lets you ingest up to 350 events per second (eps), from up to 10 nodes.

LogPoint Free provides full LogPoint functionality, access to support, Help Center and Community.

Free Extension

The LogPoint Free license runs for 90 days but can be extended for free upon request. You can also easily upgrade to a LogPoint license if needed.

Is LogPoint Free for you?

LogPoint Free is designed for you to get full access to the functionality of our proven LogPoint technology and the entire LogPoint ecosystem. Whether you are testing the solution for your business, or simply have personal, ad hoc needs for search, analytics and visualization of data – LogPoint Free is for you.

What is included in LogPoint Free?

We like to keep things simple and transparent: Full functionality!

Some highlights of what’s included:

  • Easily upgrade the license and keep all configured intelligence if you decide to upgrade
  • Your favorite analytics tools: Search, Alerting, Reporting, Dashboards
  • Unlimited number of users
  • Access to the knowledgebase and selected applications
  • Full access to our awesome community

What happens if…

The 350 eps limit refers to the amount of data you can add per second. If you go above 350 eps, the events exceeding the limit will simply be dropped without any penalty to functionality. There is no limit on storage, which is only constrained by the supporting hardware. If you need more than 350 eps or 10 nodes, you can easily upgrade to a LogPoint license suited to your needs. Support is included with LogPoint Free, but please note that response time is “best effort.”

You can download LogPoint Free completely for free HERE – get running in less than 5 minutes!

19 Dec

Information security professionals recognize that cyber attackers will exploit endpoint vulnerabilities and then make a beeline for privileged credentials. As a result, organizations are evaluating how they can take steps to secure privilege on the endpoint as a fundamental part of their security program.

CyberArk Viewfinity has enabled organizations to reduce both the attack surface and the risk of information stolen or encrypted and held for ransom—all while achieving the right balance between productivity and security. To keep pace with the ever-evolving threat landscape, we unveiled new threat protection features this week: CyberArk Viewfinity is now available as CyberArk Endpoint Privilege Manager.

By interlocking three core capabilities (privilege management, application control and new credential theft detection and blocking), CyberArk Endpoint Privilege Manager represents a combination of powerful technology, deep research and best practices to stop attackers from advancing beyond the endpoint and doing damage.

Key enhancements include:

  • The ability to detect and block credential theft attempts by malicious users and applications, including Windows credentials, remote access application credentials and those credentials stored by popular web browsers for use with, for example, corporate network and cloud applications.
  • New behavioral analytics to block and contain advanced threats targeting credential theft at the endpoint.
  • The ability to block hash harvesting at the endpoint to prevent Pass-the-Hash, an attack leveraging stolen credentials.

The introduction of CyberArk Endpoint Privilege Manager comes on the heels of an FBI flash alert that recommends prioritizing credential protection, including implementing least privilege and restricting local accounts, to limit a threat actor’s ability to gain highly privileged account access and move throughout a network.

CyberArk Endpoint Privilege Manager is available now. For additional resources on detecting and containing cyber attacks while effectively balancing security and productivity, visit this page.

 

16 Dec

It is with pride and great pleasure that we have the opportunity today to launch our Threat Intelligence application!

With this application, we provide a simple and efficient module for providing contextual attack information to observations from sensor data in your network.

Context

The Threat Intelligence application sources data from best-in-class Proofpoint and the large collection of indicators from Critical Stack. With these sources ingested, LogPoint can analyse structured and unstructured data, alerting if any match between the known-bad indicators and collected enterprise data is identified.

The LogPoint taxonomy and technology stack allow for inspecting any type of collected data, regardless of whether it comes from your ERP platform, online collaboration platform, hosted Office365 or firewall/antivirus platform. If the data is in LogPoint, it can be correlated with the indicators of compromise.

Reduce Time to Detection

Enterprise log-data is valuable when analysed in and of itself. By correlating your internal data with indicators of compromise, seemingly innocent data can hint at a potential issue. With pre-canned analytics in the form of alert-rules, dashboards and data mappings running out of the box, the Threat Intelligence application is a turn-key application.

Want to Know More?

You can read more about how to get started and set up Threat Intelligence in this blog post.

We also suggest you sign up for our webinar on Threat Intelligence! It takes place December 1st, 2016. Read more about it here.

13 Dec

If you read the Sophos Blog, you will undoubtedly be aware of how our next-gen endpoint solution can protect you and your business. Sophos is really proud of Intercept X and genuinely believes it’s the best product of its kind out there.

However, we realise that you may want to hear independent opinions as well, which is why we’re pleased to share ESG Lab’s report with you.

When carrying out the testing, Enterprise Strategy Group (ESG) observed Sophos Intercept X’s performance as well as its agility, usability and reliability in detecting and preventing genuine advanced threats and signatureless exploits.

The tests involved:

  • Emailing a Word document containing real ransomware code from what appeared to be that user’s manager
  • Launching a stack pivoting attack that employed an exploit in a PDF file
  • Downloading a free report file from the Web, which also downloaded a second file that attempted to zip up the contents of ‘My Documents’ and upload them to a command and control site

And the verdict?

Sophos Intercept X has made excellent progress closing many of the endpoint security gaps that still exist for organizations worldwide.

But, don’t just take their word for it. Try Sophos Intercept X for free!

8 Dec

In 2016 alone, hackers have taken over $1 Billion in the form of ransoms from users trying to retrieve their files after being infected with ransomware.

Ransomware is the most successful malware attack today. It works by locking up your files and crippling your systems until you’ve handed over money.

And, one of the biggest problems in the fight against ransomware is the constantly reinvented attacks.

Cybercriminals are finding new methods of spreading the malware, evading detection and even developing ransomware that deletes itself as soon as files are encrypted so that even IT security teams are unable to uncover what variant is on the system.

This video digs deeper into the inner workings of ransomware, techniques employed by crooks to evade traditional technologies and how the malware can be stopped:

5 Dec

With Version 4.4.3, SEP sesam can now be considered one of the leading data backup solutions for VMware environments. With SEP sesam, the data of organizations and enterprises is protected 24/7 and always available. The new SEP sesam version 4.4.3 is one of the leading data protection solutions for VMware environments.

The new release supports:

1. The start of VMs directly from backup storage

2. VMs can be used immediately because no time is lost performing restores. VMware vMotion automatically moves productive VMs from backup storage to productive VMware storage during operations.

3. Backed-up VMDKs can be attached to productive VMs with Linux, Windows and Open Enterprise Server operating systems regardless of the platform.

4. Single file restore from CBT Full, Inc, and Diff backups

5. Instant recovery from CBT Full, Inc, and Diff backups

6. Single file restores and instant recoveries from deduplicated Si3 backups are also possible

7. SATA disks in addition to SCSI disks during backup and restore via the transport mode Hot-Add.

8. Full functionality is ensured for Linux backup servers and remote device servers.

We are looking forward to your participation.

SEP sesam supports a wide range of databases having some very important benefits:

2 Dec

The inaugural 2016 Security Excellence Awards by UK magazine Computing saw Sophos collect two industry prizes last night: SafeGuard 8 took the Data Encryption Award and Sophos XG Firewall won the Firewall Solution and UTM Award.

The ceremony was held in London in the shadow of the Shard, where the Sophos representatives enjoyed the somewhat surprising, albeit entertaining, performance of the skinny public-schoolboy-looking freestyle-rapping presenter, Chris Turner.

Out of the hundreds of companies shortlisted for the 21 awards, Sophos was one of very few companies to collect more than one prize on the night.

Sophos SafeGuard 8, with its revolutionary next-gen Synchronized Encryption technology, was up against strong competition from companies including Covata, Vormetric and Cloudview. Sophos XG Firewall, with its ultimate firewall performance, security and control, faced heavy rivals including Barracuda and Panda.

Thanks to the solid efforts of the SafeGuard and XG Firewall product teams, once the dust settled and the freestyle rap had died down, there was only one winner in two of the top categories: Sophos.

All in all, we’re very pleased with our results in this first ever year of the Computing Security Excellence Awards, and we are looking forward to collecting many more prizes in years to come.

29 Nov

After being recognized by Gartner as a leader in seven consecutive Magic Quadrants for Mobile Data Protection, we continue our success by being one of the vendors with the most comprehensive solution in the new Gartner report, Market Guide for Information-Centric Endpoint and Mobile Protection.

This new report by John Girard of Gartner is the replacement for the now retired Gartner Magic Quadrant for Mobile Data Protection. It defines nine different methods for information-centric endpoint protection, ranging from basic device protection to comprehensive file-based protection methods.

Of the 18 representative companies discussed in the report, Sophos is one of only two companies that can provide a solution for every single method with Sophos SafeGuard and Sophos Mobile Control.

Sophos SafeGuard, with its always-on file-based Synchronized Encryption, will protect your files wherever they go, for example when shared across platforms, emailed, or uploaded to cloud-based storage. The secure container technology and personal information management (PIM) capabilities in Sophos Mobile Control provide secure collaboration everywhere, working across mobile devices without compromising security and preventing accidental data leakage.

We agree with Gartner that, considering that information is highly mobile in today’s world, data protection solutions can no longer be centered around full disk encryption but should instead account for the many ways that business information needs protection as it moves.

To find out what Gartner says about the Information-Centric Endpoint and Mobile Protection marketplace, download the complete Market Guide here.

25 Nov

Sophos, a global leader in network and endpoint security, today announced that it has acquired Barricade, a pioneering start-up with a powerful behavior-based analytics engine built on machine learning techniques. The team and technology from Barricade will strengthen Sophos’ synchronized security capabilities and its next-generation network and endpoint protection portfolio.

The developers and data scientists at Barricade have created a technology platform that can significantly enhance the ability to identify malicious or suspicious behavior. Using machine learning and artificial intelligence, it extends the capabilities of rule-based detection technologies that will be increasingly challenged to keep up with the growth of sophisticated and complex attack patterns.

“Barricade has an impressive team of experts in data science and machine learning, and they share the Sophos vision for security made simple,” commented Bill Lucchini, senior vice president and general manager of the Cloud Security Group at Sophos. “Delivering advanced protection to partners and customers without adding layers of complexity is at the core of our product strategy. Enterprise-grade security should be available to all organizations, and the acquisition of Barricade will accelerate the next phase of synchronized security innovation across the Sophos Central management platform.”

Sophos is recognized as a leader in endpoint and network protection with a growing set of next-generation technologies that leverage behavior-based analytics, such as the signatureless threat and exploit detection and root cause analysis recently released in Sophos Intercept X.

“We share the same development philosophy as Sophos – IT security can be complex but managing security products shouldn’t be,” said David Coallier, CEO at Barricade. “We are proud of the technology we have built and are pleased to join the team at Sophos focused on artificial intelligence and machine learning based security analytics. Driving the development of our technology into a comprehensive security solution that every IT professional can use presents us with the next phase in our exciting journey.”

Sophos will maintain the offices in Cork, Republic of Ireland. Barricade CEO David Coallier and the team of developers, data scientists and engineers will join the Sophos Cloud group that reports into general manager and senior vice president of the Sophos Cloud Security Group, Bill Lucchini.

23 Nov

Sophos Central has integrated many of the products a business needs to stay secure. However, we realize that many organizations have products from multiple vendors and leverage a SIEM (security information and event management) to try to make sense of all the security events produced by all those disparate products.

With data flowing fast, IT teams face a big challenge when it comes to maintaining some semblance of coherent visibility into the vast amounts of information they’re constantly receiving from all their different vendor products.

In that spirit, we’re pleased to announce that SIEM integration has been added to Sophos Central. Whether you use Splunk, ArcSight, or any other major SIEM, you’ll find it easy to connect to Sophos Central. You’ll get real-time insight into the events and alerts for all your Sophos Central products. It’s one integration whether you’re using Endpoint Advanced, or Wireless, or our next gen endpoint, Intercept X, or Email protection, or Encryption… they all work together so it’s a single integration.

Setup couldn’t be easier. Take a look at this short demo video to get an idea of how to get SIEM integration up and running within your organization:

We put a lot of thought and hard work into our SIEM integration solution and we hope you enjoy its benefits as much as we enjoyed building it. With our recently released audit logs and RBAC features, SIEM integration is yet another step forward as we seek to improve the efficiency of IT teams large and small.

18 Nov

Ransomware has the potential to cause massive disruption to an organization’s productivity. So it’s vital to understand how to build the best possible defense against it.

The producers of ransomware aren’t just idly waiting for their bit of malware to hit its target. They work in professional teams, constantly updating and enhancing new variants of ransomware – and if you’re caught, the consequences can be severe.

But why are these attacks succeeding? How does a typical infection take place? And what security systems should an organization have in place to get the best possible defense?

How to Stay Protected Against Ransomware is a guide from Sophos designed to answer these key questions. Easy to follow and digest, it takes you through a typical attack, offers best security practices to implement, and details the security solutions that all organizations should be using.

It covers:

  • The most common ransomware delivery methods
  • How security holes and ransomware advances are driving attacks
  • Nine best practice security tips to help you stay secure
  • Critical security features that all organizations need

Download the FREE whitepaper now to arm yourself with the knowledge to stay safe against ransomware.

And, check out The End of Ransomware page at Sophos.com for everything you need to know to stop ransomware.

14 Nov

SEP’s Hybrid Backup and Disaster Recovery solution SEP sesam is especially well suited for heterogeneous IT infrastructures of any size. SEP sesam reliably protects any company data and supports all virtualization platforms, operating systems, applications and databases, up to SAP HANA, on physical machines and in virtual environments.

25 years of experience in the development of backup software, high quality and data protection standards and an attractive price-performance ratio are just some of the facts about SEP sesam, a Backup and Disaster Recovery solution with numerous certifications.

With SEP sesam, the data of organizations and enterprises is protected 24/7 and always available. The new SEP sesam version 4.4.3 is one of the leading data protection solutions for VMware environments.

SEP sesam is ideal for every IT-environment. From small businesses up to major enterprises, SEP sesam supports all common operating systems, virtualization platforms, applications, databases and storage technologies. Secure enterprise-wide backups, restores, and disaster recoveries are extremely fast and easy to implement and to perform. SEP sesam’s multi-streaming technology allows simultaneous backups of an unlimited number of servers. The result is maximum speed performing restore-oriented backups.

Backing up your databases has never been easier as SEP sesam is able to back up the database and database instances directly to any storage media without intermediate storage on the file system. The database communicates directly with SEP sesam and the database management console provides a view of all available databases. SEP sesam supports a wide range of databases having some very important benefits:

  • Disaster recovery is managed within SEP sesam GUI and is more easily controlled
  • No file system overwrite caused by the redologs, which are deleted automatically after backup
  • SEP sesam ensures data integrity in the event of a restore or recovery
  • Full system (database) recovery or a point-in-time recovery options
  • No file system overwrite; the backup does not take place on the client computer
  • Prevents single point of failure with the backup server in a separate virtual backup location
  • SEP sesam supports a wide range of databases, including: Oracle, MS SQL, IBM DB2, Informix, SAP R/3, MaxDB and more

10 Nov

We’re pleased to announce the availability of Sophos Web Gateway – the easy-to-deploy, easy-to-trial web security solution – in additional regions, and there’s a significant update to the product interface coming at the end of November.

What’s new?

1. Sophos Web Gateway (Central Web Gateway Advanced) will be available in additional regions from 7 November.

2. A new, dedicated product interface for Sophos Web Gateway, integrated into Sophos Central, will be available from the end of November.

Where is it available?

Sophos Web Gateway is now available in all regions except Middle East and Africa.

How will the product interface change?

Sophos Web Gateway will have its own dedicated area within the Central interface towards the end of November. This update makes Web Gateway even more intuitive and easy to configure and manage.

You can learn about some of the great features and benefits that Sophos Web Gateway adds in the three-minute video below.

Are there any limitations?

Customers must choose either the US or Ireland data center when enabling their Sophos Central account in order to use Sophos Web Gateway.

Sophos Web Gateway is not at present available from the Frankfurt data center. Once chosen, a Sophos Central account data center location cannot be changed. For customers using the Frankfurt data center who wish to use Sophos Web Gateway, the only option right now is to create a new Central account and choose either the US or Ireland data center. This is due to a limitation in the functionality of Amazon Web Services in the Frankfurt data center. The product team is working to resolve this with Amazon but there is no immediate timescale for this to be fixed.

Of course, if you prefer a hardware or virtual appliance, the new and improved Sophos Web Appliance provides an ideal alternative.

The innovation doesn’t stop here: the team is going to make some significant waves next year with a hybrid Secure Web Gateway that will work like nothing else in the industry. Our next-generation Secure Web Gateway will offer a seamless migration path for both web appliance and Central customers, so your investment is protected whatever you choose today.

So, how are you protecting your mobile users against web threats? With Sophos Web Gateway you have the perfect Sophos Central answer.

7 Nov

They say you never get a second chance to make a first impression, but with the Sophos Web Appliance 4.3.0.1, we’re offering our customers a second 30-day trial of Sophos Sandstorm.

Try Sandstorm for a second time to see the value it can bring to your defenses against Ransomware, Advanced Persistent Threats (APTs) and unknown malware.

SWA 4.3.0.1 (now available) resets the Sandstorm trial state so that customers who have previously tried Sandstorm can run another trial to try out the great new features introduced in version 4.3.

With the much-requested file submission feature – added in SWA 4.3 – SWA administrators can quickly and easily submit a suspicious file using the SWA dashboard, by uploading the file or submitting a URL. A trial or full Sandstorm license is required for file submission.

What’s more, you can now select the data center to which you send files for analysis by Sandstorm – allowing customers to ensure that any data residency compliance requirements are met.

Getting started with Sandstorm in SWA is easy – watch the video below to see how…

If you need more information, there’s plenty on our dedicated Sandstorm page.

SWA customers will be updated through our standard staged process – beginning with the first 1% of deployments before moving on to the remaining appliances. You can read the release notes here.

1 Nov

The biggest ICT & Media Conference in SE Europe, widely regarded as the major annual meeting of all the digital market stakeholders, as well as all those using specialized tools and services in order to implement Digital Transformation, is not far away. It is quite clear that the time has come for the real economy to take the reins of growth.

The market has entered an era of restructuring in its technological, investment and strategic orientation; there is no doubt that “digital bridges” are the only way out towards the new economy, the exit of the country from the fringe and the reclamation of lost competitiveness. The 18th InfoCom World, under the motto Digital Economy: The Highway of NGN, opens a most dynamic way to development! Information & Communication Technologies are the main components of infrastructure, services, products and content.

The main motto of the Conference, Digital Economy: The Highway of NGN, expresses in the best possible way what will be the next day in this market. The key word is speed – for that reason, the title of the first session is “NGN – Full Speed Ahead”. In this session, all available technologies will be presented along with the institutional and regulatory interventions needed. Clearly, in order for all that to succeed, investment is essential and that is the reason why the title of the second session of the Conference is “Digital Economy: Investing in Opportunities”.

The third session focuses on the executives who are called to implement the New Generation Networks revolution. Greek managers are famous for their efficiency and high performance standards, when working either locally or abroad, which absolutely justifies the title “Digital Greece Worldwide: A High Tech Society!”.

Finally, during the last session, the traditional “Leaders Summit” (this year under the title “New Generation Investments”), the leaders of the Greek ICT market will talk about the evolution of technology and the new, more demanding needs, requirements for new investments, collaboration schemes and synergies, co-exploitation and different distribution models which change the way to contact the final user. Institutional and regulatory interventions will also be examined, along with their footprint in the real economy.

The enterprise community, high-ranking executives in the fields of Telecommunications, Informatics and Media, CEOs, CIOs and IT Directors, Operation Managers, Data Center & Cloud Experts, Network Engineers, IT Strategists & Solution Architects, Manufacturers and Suppliers of Tech Equipment and Consumer Electronics, all of them are taking part in the upcoming InfoCom World Conference.

NSS, Sophos and CyberArk will have a strong presence at the InfoCom conference with Sebastian Kaiser, Sales Engineer CEEMEA of Sophos, and Bogdan Tobol, Regional Sales Executive – South-Eastern Europe of CyberArk.

Sebastian Kaiser, Sales Engineer CEEMEA, Sophos
13:00 – 14:45 2nd Session: Digital Economy: Investing in Opportunities

Workshop
Auditorium “NAOUSA” 11:15-12:30 Privileges. The beginning
Speaker: Bogdan Tobol

Privileges. The beginning.
Uncontrolled access to super-user and administrator accounts leads to unnecessary privileges and is one of the biggest challenges organizations face today.

Workshop
Auditorium “FLORINA” 10:00-11:15 Sophos XG Firewall v16 technical workshop
Speaker: Sebastian Kaiser

Sophos XG Firewall v16 technical workshop
Introduction to Sophos XG Firewall v16 that has just been released, providing a high-level technical understanding of the Sophos SFOS Operating System and the different XG modules. Analysis of the components including policies, system configuration, operational management along with basic troubleshooting.

31 Oct

Document exploitation is a well-known method of distributing malware in the malware community. A common theory for why crooks use booby-trapped documents is that victims can be more easily convinced to open document attachments than executables.

Word, Excel and PDF documents that contain so-called exploits – active booby-traps – have the added trick of not requiring their victims to manually enable macros, as is often the case for VBA downloaders.

The latest technical paper from SophosLabs explores why we’re seeing more document exploitation malware in the wild, and investigates the long-standing popularity of a document exploitation generator called Ancalog, which is widely commercially available.

It’s especially interesting to note that many of the vulnerabilities exploited by Ancalog were patched several years ago, often yielding poor results for the attackers. Nevertheless, the ease with which booby-trapped documents can be created with the Ancalog kit has made it the attack tool of choice for many cybercriminal organizations in Russia and Nigeria targeting Asian and African nations.

These cybercrime groups have been using this method steadily over the past two years, and there is no sign that they intend to give up. The ready availability of exploit creation tools in the cyber-underground has opened up document exploitation to a wide range of criminals, and Ancalog is the most popular of these tools nowadays.

Of course, the dependence of criminals on commercial tools like Ancalog that rely on old exploits is a disadvantage for the crooks and an advantage to the defenders. Ancalog doesn’t use zero-day exploits or even exploits that could be considered as new. Even the freshest exploit in its arsenal was fixed over a year ago, with the most commonly used security holes being from 2010 and 2012.

In other words, just applying current patches for Microsoft Office should disarm Ancalog attacks.

Read this new Sophos technical paper to gain a deeper understanding of Ancalog and how it is used by cybercriminals to deploy document exploitation attacks.

26 Oct

Make no mistake, your organization is a target – do you have an effective security program in place to detect and contain the damage of an attack? With nearly daily headlines about cyber attacks, it’s imperative that organizations understand the role privileged accounts play in the attack life cycle. 

If privileged credentials are not properly managed and protected, business leaders should be prepared to deal with the aftermath of a crippling breach.

Consider the role of privilege in the following scenarios:

  • Ransomware Attacks: For many reasons, phishing is a popular attack strategy, and often the phishing emails that target employees with direct (or indirect) access to privileged accounts contain sophisticated malware, such as ransomware.
  • Insider Threats: According to industry reports, it takes about 146-170 days to detect an in-progress attack. That’s plenty of time for a malicious insider with access to authorized, privileged accounts (or an external attacker that appears as a legitimate insider) to do real damage.
  • Cloud Adoption: The fast-paced migration to the cloud and surge in automation tools comes with an increasing number of privileged accounts within IT infrastructures. This expands the potential attack surface exponentially.

These are just a few reasons why the first and most critical step in executing an effective, layered defense is to prevent the theft and exploitation of privileged credentials—across endpoints, servers and domain controllers, on-premises or in the cloud. Without these credentials, an attacker’s ability to move across the network is blocked. And if you block privilege escalation, you block the attack.

Check out our infographic for more information on the role of privileged accounts in the attack lifecycle, and learn why now is the time to give privileged account security the priority it deserves.

 

You can read the original article, here.

22

Oct

Sophos today announced it has been positioned as a ‘Leader’ in Forrester Research, Inc.’s new report, The Forrester Wave: Endpoint Security Suites, Q4 2016. Recognizing that Sophos received the highest scores in the Strategy category, Forrester refers to Sophos Endpoint Protection as delivering “the most enterprise-friendly SaaS endpoint security suite.”

The report cites that “buyers will appreciate its intuitive administrative interface along with the flexibility and scalability required for most enterprise deployments, both large and small.” Forrester also found that overall Sophos customers report a “high level of satisfaction with the product’s effectiveness.”

Forrester evaluated 15 vendors against 25 criteria and categorized vendor capabilities into three core needs: attack prevention, detection and remediation. The report recommends that before purchase, customers should consider a vendor’s ability to specifically:

  • Detect malicious activity post-execution
  • Prevent malware and exploits from executing
  • Remediate and contain malicious activity and potential vulnerabilities

The report included vendors who have products with the above capabilities and have demonstrated an enterprise market presence with a high level of interest in their solutions from enterprise customers.

In the report, Forrester also assesses a vendor’s strategy. Sophos scored a maximum rating across the board in the cost and licensing model, product roadmap and go-to-market strategy criteria. Forrester cites, “In a field crowded with both new and legacy endpoint security technologies, Sophos’ roadmap to develop strong signatureless prevention and detection capabilities…should make the product highly competitive over the long term.”

Sophos Intercept X is a next-generation endpoint security product that stops zero-day malware, unknown exploit variants and stealth attacks and includes an advanced anti-ransomware feature that can detect previously unknown ransomware within seconds. Sophos Intercept X installs alongside existing endpoint security software from any vendor, immediately boosting endpoint protection with signatureless detection. Sophos Intercept X is now available and more information can be found on the Sophos Intercept X website.

“This study assesses both traditional and next-generation security vendors against consistent criteria. The placement of Sophos on the strategy axis to the extreme right indicates to us that Sophos is taking the lead by adding next-generation technologies to our proven endpoint protection portfolio,” commented Dan Schiappa, senior vice president and general manager of the Enduser Security Group at Sophos. “I believe that our position as a ‘Leader’ in this report is a testament to Sophos’ continued ability to assess the dynamic security landscape and listen to our customer needs to develop effective endpoint security products that exceed expectations for protection and manageability. I am proud that our customers benefit from our industry-leading technology, our strategy for both on-prem and SaaS deployment through the Sophos Central cloud-based management platform and our ability to consistently bring innovative security products to organizations of all sizes.”

To download the Forrester Wave: Endpoint Security Suites, Q4 2016, please visit the Sophos website.

You can read the original article, here.

19

Oct

We’re pleased to announce the latest release of Sophos Web Appliance 4.3, which adds improved Sophos Sandstorm capabilities and completely updates the underlying Sophos Web Appliance operating system to a new improved kernel.

If you’re not familiar with Sophos Sandstorm, it gives your organization an extra layer of security to defend against fast-moving, targeted attacks, like ransomware, Advanced Persistent Threats (APTs) and newer, unknown malware.

Since its release, Sandstorm has become immensely popular with our customers, so we’re pleased to announce new features that make Sandstorm even more powerful.

Submit suspicious files to Sandstorm through the Sophos Web Appliance dashboard

In response to customer requests, Sophos Web Appliance (SWA) 4.3 now has a file submission feature. With this, a SWA administrator can quickly and easily submit a suspicious file to Sandstorm using the SWA dashboard, just by uploading the file or submitting a URL. A valid Sandstorm license is required for file submission.

Here’s how easy it is:

  • Submit your file to Sandstorm in the dashboard.
  • You’ll then see a Sandstorm file submission confirmation page.
  • You’ll then see the Sandstorm activity result.

Comply with data residency requirements by choosing your Sandstorm data center location

In addition to the new file submission feature, you can also select the data center where you want to send files for analysis via Sandstorm to ensure that any data residency compliance requirements you may have are met.

Additional enhancements

  • Numerous performance, stability and security fixes as part of the core OS upgrade.
  • Removal of redundant support for YouTube for Schools, which Google has recently disabled.
  • Administrators can receive email notifications if a Sandstorm submission turns out to be malicious after a user has downloaded it.
  • Policy-based blocking of additional potentially dangerous file types, including Windows Scripts, Windows System Files, HTML applications.
  • Support for using TLS 1.2 for all Sandstorm communications.

Please note: Soon, Sandstorm reports will be retrievable only via TLS 1.2. If you are running Sandstorm on V4.2.x, you should upgrade as soon as the new release is available to prevent loss of access to the Sandstorm reports through the dashboard. A valid full or trial Sandstorm license is required to enable Sandstorm in Sophos Web Appliance.

There’s lots to see in the new release of Sophos Web Appliance and Sandstorm. You can find out more here.

You can read the original article, here.