Story image

Sophos new server security offering defends ‘cybercrime bullseye’

23 Jul 18

Sophos, a global provider of network and endpoint security, has released Intercept X for Server, its latest server protection offering that incorporates predictive deep learning technology that provides constantly evolving security against cyber threats.

Sophos’ deep learning neural networks are trained on hundreds of millions of samples to look for suspicious attributes of malicious code and prevent never-before-seen malware attacks.

SophosLabs research indicates that 75% of malware found in an organisation is unique to that organisation, indicating the majority of malware is previously unknown.

A recent Sophos survey reveals that two-thirds of IT managers worldwide do not understand what anti-exploit technology is, leaving their organisations vulnerable to data breaches.

Once inside a network, cybercriminals can use persistent and lateral moves to target and takeover servers to access the high-value data stored there.

Servers can also suffer collateral damage from ransomware and run-of-the-mill cyberattacks.

Attacks reaching servers can be more devastating to a business than attacks on endpoints, due to the critical data they hold.

“Servers are the bullseye for cybercriminals because they store valuable information and have a broader, system-wide organisational purpose than individual endpoints,” says Sophos products general manager and senior vice president Dan Schiappa.

“An entire company could get potentially wiped out if cybercriminals infiltrate its servers with ransomware or malicious code, or exploit vulnerabilities to gain access. Once breached, attackers can get deep in the network and have the ability to do some serious damage, as well as exfiltrate data.”

New features include:

Deep Learning Neural Network - Constantly updates and identifies critical attributes resulting in more accurate decisions between benign and malware payloads.

Active Adversary Mitigation - Blocks determined cybercriminals and persistent techniques commonly used to evade traditional anti-virus protection with Credential Theft Protection and Code Cave Utilisation, which detects the presence of malicious code deployed into legitimate applications.

Exploit Protection - Protects against browser, plugin or java-based exploit kits even if servers are not fully patched

Master Boot-Record Protection - WipeGuard expands upon Intercept X anti-ransomware technology and prevents ransomware variants or malicious code that target the master boot-record

Root Cause Analysis - Detection and incident response technology provides forensic detail of how the attack got in, where it went, what it touched, and provides recommendations on what to do next after an analysis of the attack

Cloud Workload Discovery for Server - Discovers and protects servers running on the public cloud, including Microsoft Azure and Amazon Web Services, and prevents risk exposure from rogue IT or forgotten assets.

Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."
Businesses too slow on attack detection – CrowdStrike
The 2018 CrowdStrike Services Cyber Intrusion Casebook reveals IR strategies, lessons learned, and trends derived from more than 200 cases.
What disaster recovery will look like in 2019
“With nearly half of all businesses experiencing an unrecoverable data event in the last three years, current backup solutions are no longer fit for purpose."
Proofpoint launches feature to identify most targeted users
“One of the largest security industry misconceptions is that most cyberattacks target top executives and management.”
McAfee named Leader in Magic Quadrant an eighth time
The company has been once again named as a Leader in the Gartner Magic Quadrant for Security Information and Event Management.
Symantec and Fortinet partner for integration
The partnership will deliver essential security controls across endpoint, network, and cloud environments.
Is Supermicro innocent? 3rd party test finds no malicious hardware
One of the larger scandals within IT circles took place this year with Bloomberg firing shots at Supermicro - now Supermicro is firing back.
25% of malicious emails still make it through to recipients
Popular email security programmes may fail to detect as much as 25% of all emails with malicious or dangerous attachments, a study from Mimecast says.