

Hey! Full disclosure, I'm from Sophos - specifically part of the leadership team for our Managed Threat Response service.

What you've been quoted is far beyond a basic antivirus product which might explain why the price isn't as low as you expected. Intercept X Advanced is our flagship endpoint and server security product. It offers a plethora of security technologies above and beyond antivirus. The product was designed to help defend against not just nasty files but hands-on-keyboard hackers. There's mitigations and protections against software exploits, there's technologies designed to stop hackers stealing usernames and passwords, there's tech to identify files getting encrypted by ransomware and rollback the encrypted files to their unencrypted state, and more.

EDR is another amazing set of tools that will let you hunt for threats. Say you've heard about a new threat from a blog article and there's IOCs in there like httpx://evilguys.io/f123 or 123.12.06.66 or badfile.dll. You could search your estate for these and see if any of your devices have seen them before. You can also use Live Response and open up a remote command line / terminal to any of your hosts and respond to threats etc. You can run queries on your machines to find out what running processes there are.

MTR - Managed Threat Response (the team I'm on). We watch over all your devices 24/7 conducting threat hunting, monitoring, investigation, and response. We look at the telemetry we gather from system information and from our products and investigate suspicious activity that we find. If we find a threat that has somehow circumnavigated your defenses, we can respond to it for you (this is what we're famous for). You can tell us just to notify you of what we find or we can collaborate with you on responses, or we can just do it all for you.
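The IOC sweep the post describes (take indicators from a blog article, search your estate for them) in a small stand-alone form. This is an added example and not Sophos code or any EDR product's query language; the telemetry records are constructed, the indicators are the three from the post, and the `hunt`/`refang` helpers and the record format (`host event value`) are assumptions for the illustration. It also handles the defanged `httpx://` form and derives the host from a URL indicator so a DNS lookup of the domain is caught even when the full URL never appears.

```python
import re
from urllib.parse import urlparse

# Indicators as they might appear in a blog post (the three from the post above).
RAW_IOCS = ["httpx://evilguys.io/f123", "123.12.06.66", "badfile.dll"]

# Constructed telemetry for the example: "<host> <event type> <value>" per record.
TELEMETRY = [
    "host01 dns evilguys.io",
    "host01 http http://evilguys.io/f123",
    "host02 netconn 10.0.0.5:443",
    "host03 netconn 123.12.06.66:8080",
    "host04 process C:\\Windows\\Temp\\badfile.dll",
    "host05 process C:\\Windows\\System32\\svchost.exe",
]


def refang(ioc: str) -> str:
    """Undo common defanging conventions so the indicator matches real telemetry."""
    return (ioc.replace("httpx://", "http://")
               .replace("hxxps://", "https://")
               .replace("hxxp://", "http://")
               .replace("[.]", "."))


def classify(ioc: str) -> str:
    """Bucket an indicator as url / ip / file / domain so it is compared to the right field."""
    if re.match(r"^https?://", ioc):
        return "url"
    if re.fullmatch(r"\d{1,3}(\.\d{1,3}){3}", ioc):
        return "ip"
    if re.fullmatch(r"[\w.-]+\.(dll|exe|ps1|js|vbs|bat|scr)", ioc, re.I):
        return "file"
    return "domain"


def expand_iocs(raw_iocs):
    """Normalise indicators into per-kind sets; a URL indicator also yields its host."""
    iocs = {"url": set(), "domain": set(), "ip": set(), "file": set()}
    for raw in raw_iocs:
        ioc = refang(raw).strip().lower()
        kind = classify(ioc)
        iocs[kind].add(ioc)
        if kind == "url":
            host = urlparse(ioc).hostname
            if host:
                iocs[classify(host) if classify(host) == "ip" else "domain"].add(host)
    return iocs


def fields_from_event(event_type: str, value: str):
    """Map one telemetry value onto the indicator kinds it should be checked against."""
    v = value.strip().lower()
    if event_type == "dns":
        return [("domain", v)]
    if event_type == "http":
        return [("url", v), ("domain", urlparse(v).hostname or "")]
    if event_type == "netconn":
        return [("ip", v.rsplit(":", 1)[0])]      # drop the port
    if event_type == "process":
        return [("file", re.split(r"[\\/]", v)[-1])]  # image basename only
    return []


def hunt(telemetry, raw_iocs):
    """Return (host, kind, value) for every telemetry record that matches an indicator."""
    iocs = expand_iocs(raw_iocs)
    hits = []
    for line in telemetry:
        host, event_type, value = line.split(" ", 2)
        for kind, candidate in fields_from_event(event_type, value):
            if candidate in iocs[kind]:
                hits.append((host, kind, candidate))
    return hits


def affected_hosts(telemetry, raw_iocs):
    """The set of hosts that have seen any of the indicators."""
    return sorted({host for host, _, _ in hunt(telemetry, raw_iocs)})


if __name__ == "__main__":
    for hit in hunt(TELEMETRY, RAW_IOCS):
        print("HIT", *hit)
    print("hosts to investigate:", affected_hosts(TELEMETRY, RAW_IOCS))
```

The list of hosts is what you would then open a Live Response session on, or hand to an MTR-style team; in a real deployment the telemetry would come from the EDR's own data store rather than a list of strings.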
