In the fight against ransomware and cyberattacks, UK security software company Sophos has acquired SOC.OS, a cloud-based security alert investigation and triage automation solution. The move allows Sophos to expand its adaptive cybersecurity ecosystem beyond the managed threat response and extended detection and response (XDR) solutions it already offers customers.
Sophos aims to have the UK-based SOC.OS technology available as part of its Managed Threat Response service before the end of 2022. The company also plans to integrate it into its XDR products by 2023.
Here’s a preview of a CRN interview with Joe Levy, Chief Technology Officer of Sophos, discussing how this acquisition improves visibility.
With the prevalence of cyberattacks, how do you see this acquisition advancing Sophos’s protections against hackers?
“We looked for ways to speed up ingestion in processing events and data from any third-party endpoint product, any third-party firewall product, cloud security, identity and access management, gateways. And when we found SOC.OS, we think they had just done an exceptional job of being able to ingest all of that data from all of those third-party sources, to reason it out in a way that we thought was just very impressive. And we’re very, we’re very committed to integrating this technology that they quickly introduced into the surface security offering and the product offering.”
As the two companies merge, what do you want the partners to know?
“Often customers have mixed states, which means they don’t have just one vendor that they use to protect their entire operation, they have multiple vendors protecting different areas… And the consequence of this is too often that parts of the domain could be compromised, and there is no protection or visibility into the other parts of the domain, and what this will allow us to do is to have visibility on the areas of a customer’s business, where a Sophos product is not used to protect them, whether on the network, on the endpoint or in the cloud, regardless of the third party that they could use in other areas. It will give us visibility on that, and then we can use it to react and remedy anything that might deserve that attention.”
And can you tell us a bit about how the acquisition will benefit the channel?
“It will be a great opportunity for our partners to be able to tell their customers that we can once again operate on their entire IT system. We’ve heard over and over that they love what we’re doing with MTR for the Sophos domain, they just wish we could do it for their entire IT and security domain. It’s going to give us the ability to deliver that. This is something we have heard from partner customers. And again, the simple fact of having access to this information can operate on the entirety of the data. It’s just going to make the job of analysts easier and it’s just going to translate into better security outcomes.”
Dave Mareels, CEO and co-founder of SOC.OS, who transitioned to director of product management at Sophos, told CRNtv in a separate interview that the two companies complement each other.
“SOC.OS is a technology that helps these analysts simplify their lives when it comes to remediating these threats. Sophos, on the other side, has a load of customers and a huge distribution network. And so, the match was hand in hand. We can now bring this technology, the really exciting clustering technology to the world and have really, really good success in solving this problem of alert fatigue and lack of visibility on a global scale,” Mareels said.