Sophos introduced new security capabilities against cyberattacks and, in “The 2023 Active Adversary Report for Security Practitioners”, exposed how malicious actors are carrying out “fast” ransomware attacks in a few hours.
High-speed attack mode
Sophos X-Ops finds that attackers now operate in a new high-speed attack mode that can provide proximity to resources they can exploit.
“In the face of fast-moving adversaries who are continuously evolving their TTPs – and often blend the use of legitimate tools – to execute multistage attacks, cybersecurity defenses need to be dynamic and foresightful,” said Raja Patel, chief product officer at Sophos.
New innovative capabilities
- New Sophos Firewall v20 software with Active Threat Response: automatically shuts down attacks and blocks them from entering networks, without having to add firewall rules.
- Sophos Network Detection and Response (NDR) with Extended Detection and Response (XDR): monitors activity deep inside the network for suspicious and malicious traffic patterns.
- Sophos XDR enhancements: connects security data across multiple sources to detect threats faster and stop active adversaries sooner.
“As attackers speed up their attack timelines, one of the best things organizations can do is increase friction whenever possible; in other words, if their systems are well maintained, attackers must do more to subvert them. That takes time and increases the detection window,” said John Shier, field chief technology officer at Sophos.