Sophos and Tenable® partnered to provide a vulnerability and attack surface management service, Sophos Managed Risk. The service combines the exposure management technology of Tenable and security operations experts from Sophos Managed Detection and Response (MDR) to provide attack surface visibility, risk monitoring, vulnerability prioritisation, investigation, and proactive notification to prevent cyberattacks.
Managing exposure risks
“We can now help organisations identify and prioritise the remediation of vulnerabilities in external assets, devices, and software that are often overlooked. It is critical that organisations manage these exposure risks because unattended, they only lead to more costly and time-consuming issues and are often the root causes of significant breaches,” said Rob Harrison, senior vice president for endpoint and security operations product management at Sophos."
“A winning approach includes risk-based prioritisation with context-driven analytics to proactively address exposures before they become a problem,” Greg Goetz, vice president of global strategic partners and MSSP at Tenable commented.
Sophos Managed Risk
The new service includes an External Attack Surface Management (EASM) for advanced identification and classification of internet-facing assets (web and email servers, web applications, and public-facing API endpoints).
It also claims to provide continuous monitoring and proactive notification of high-risk exposures through its proactive notification when it identifies a new critical vulnerability in the internet-facing assets of an organisation.
Sophos Manage Risk service features vulnerability prioritisation and identification of new risks by offering detection of high-risk and zero-day vulnerabilities and real-time notification to ensure identification, investigation, and response of critical internet-facing assets by order of importance.