Sophos unveils browser-led suite to govern AI & SaaS

Sophos has launched Workspace Protection, a new security suite focused on hybrid and remote work and on governance of employee use of web applications and AI tools.

The company positioned the product as an alternative to more complex Secure Access Service Edge and Security Service Edge deployments. It centres on a managed browser and integrates with Sophos Central, the company's cloud management platform.

Browser focus

Workspace Protection is built around Sophos Protected Browser, a Chromium-based browser powered by Island. Sophos said the product targets risks that arise in browser-led work patterns and in the growing use of software-as-a-service applications.

Sophos said the suite provides visibility into application usage and data handling at the "workspace level". The company said it can enforce policy within the browser. It also said it can manage access to web applications and control local data handling and web filtering.

Workspace Protection also includes other components that Sophos sells. These include Sophos ZTNA, Sophos DNS Protection, and an Email Monitoring System add-on for Microsoft and Google email services.

Sophos Protected Browser integrates Sophos ZTNA for access to private web applications, Sophos said. The company also said the browser supports SSH and RDP access for remote administration.

Sophos ZTNA is a Zero Trust Network Access component. Sophos said it provides "posture-based" access to private applications. The company said it limits connections to authorised users and compliant devices, and keeps applications off the public internet.

Sophos DNS Protection is a cloud-delivered DNS security service that customers can deploy to Windows endpoints as part of the suite, Sophos said. It blocks malicious or unwanted domains, according to the company.

The Email Monitoring System add-on monitors email traffic alongside Microsoft or Google email services, Sophos said. It provides detection of unwanted or malicious messages, including phishing, the company said.

Shadow AI

Sophos put Shadow IT and Shadow AI governance at the centre of the launch. The company said many organisations struggle to understand which AI tools employees use and which data goes into those services.

Sophos cited research that said more than half of employees worldwide now use AI tools at work, often before formal policies are established. It said Workspace Protection provides visibility and control at the workspace level. It said this supports risk assessment and policy enforcement for emerging technologies, including generative AI.

The suite also targets phishing and browser-based threats, Sophos said. It said attacks increasingly target users in modern work environments that rely on web applications and remote access.

Operational approach

Sophos also framed the product around operational simplicity. It criticised approaches that rely on multiple cloud-delivered services and centralised infrastructure. Sophos said those models require significant infrastructure, specialised expertise, and ongoing overhead.

The company said Workspace Protection secures the workspace directly. It said this avoids "backhaul" of traffic through central infrastructure. Sophos said the model reduces cost and operational burden. It said protections follow users and their application and internet usage wherever they work.

IDC Research Director Mike Jude linked the launch to broader security team pressures around complexity.

Jude said, "Security teams are increasingly impacted by complexity, especially as hybrid work, SaaS adoption, and AI tools continue to expand the workspace."

"Sophos Workspace Protection reflects a pragmatic shift in the market-delivering core SASE and SSE outcomes through an integrated, endpoint‐ and browser‐centric approach that simplifies deployment, reduces operational overhead, and helps organizations govern application and AI use without adding another layer of infrastructure."

Sophos CEO Joe Levy said the company sees a need for stronger governance of applications and data in current work environments.

"Sophos has long protected remote and hybrid workers with industry-leading endpoint and network security, but today's work environments demand stronger governance of apps and data," said Levy.

He continued, "Many SASE and SSE solutions add complexity and operational overhead while still leaving gaps in visibility and control. By combining Island's enterprise browser technology with Sophos' security capabilities and the Sophos Central platform, we are helping organizations govern AI use, protect critical data, and secure hybrid workforces with a solution that is easier to deploy and manage."

Island co-founder and CEO Mike Fey said the browser has become the focal point for applying access and data controls in day-to-day work.

"Hybrid work shouldn't mean tradeoffs between security and productivity," said Fey. "Island protects data, secures application access, and helps organizations safely embrace AI, all through the browser people already use. Integrating with the Sophos Central platform lets customers do that with less complexity and more confidence."

Sophos said customers and partners will gain access to Workspace Protection starting in February 2026.