Sophos Managed Threat Response (MTR)

November 16th, 2020

Does your organization have the right tools to effectively manage the security of your network?

Domain Technology can provide your organization with those tools.  Domain employs Sophos Managed Threat Response (MTR) software to manage your security program around-the-clock.

Sophos MTR goes beyond simply notifying you of suspicious activity or attacks.  It functions proactively to defend against new and emerging threats, including even the most complex and sophisticated, by:

  • Identifying the scope and severity of threats
  • Initiating actions to disrupt, contain, and neutralize threats
  • Providing advice on what actions your organization can take to address the root cause of recurring incidents.

To delve deeper into the Sophos threat-hunting process, let’s take a look at how Sophos MTR combines machine learning technology with expert analysis, or what Sophos calls “machine-accelerated human response”.  Advanced threat protection must encompass the endpoints.  Endpoints are end-user devices and include:

  • Desktops
  • Laptops
  • Mobile devices

Endpoints function as points of access and create points of entry that can be open doors to nefarious attackers.  Sophos software encrypts data on endpoints and removable storage devices to protect against data leaks and loss. Most times attackers disguise their tactics, techniques, and procedures (TTPs) as legitimate behavior. Sophos’s proprietary investigation techniques identify and foil these attempts and prevent endpoint users (your staff) from executing unauthorized applications that could create vulnerabilities in the network.

Anti-virus software must include endpoint security to be successful. Protecting the network alone is simply not enough. This two-pronged approach to security safeguards individual devices as well as secures the web gateway by keeping unauthorized traffic from entering your company’s network, thereby blocking malicious traffic, viruses, and malware, and protecting important incoming and outgoing data.  Most importantly, it can prevent the exfiltration of your valued intellectual property (IP).

Sophos does all this and still allows you to own the decisions, including what actions you want to take and who should be included in the communications.  Domain and Sophos work with you during incidents. Once you are notified and provided with details, they work together and with you to prioritize and respond.  You will be informed of all actions taken to neutralize and prevent incidents.

Domain offers clients both Sophos MTR Standard and MTR Advanced to provide all-encompassing service for companies of any size.

Sophos MTR Standard provides:

  • 24/7 Lead-Driven Threat Hunting: Confirmed malicious activities are automatically blocked and terminated. Investigations uncover new indicators of attack and compromise that would have been otherwise missed.
  • Security Health Check: Proactive examinations of your operating conditions are conducted, and configuration improvements are recommended.
  • Activity Reporting: Communication through summaries of activities and prioritization of actions provides total transparency for your organization.
  • Adversarial Detections: Our team detects and differentiates between legitimate behavior and attackers’ tactics, techniques, and procedures (TTP).

Sophos MTR Advanced provides:

  • 24/7 Leadless Threat Hunting: We apply data science, threat intelligence, and the instincts of experienced threat hunters to head off attackers.
  • Enhanced Telemetry: Using other Sophos Central products, we use data from remote sources for recording and analysis to extend the scope of our investigation of malicious activities.
  • Dedicated Threat Response Lead: Domain and Sophos will work together until an active threat is neutralized.
  • Direct Call-In Support: Sophos support teams are available around the clock to answer calls.
  • Asset Discovery: As part of a proactive approach, during impact assessments and threat hunts, Domain and Sophos provide valuable insights and recommendations

Whether your company is large or small, emerging or established, get the tools you need for total cybersecurity, from the web  gateway to the endpoints.  The world-class team of Domain Technology and Sophos MTR can ensure your operating systems and valuable data are protected.

For more information, email info@domain-group.com, or call  610 374 7644 Opt 1.