Story image

Sophos new server security offering defends ‘cybercrime bullseye’

23 Jul 18

Sophos, a global provider of network and endpoint security, has released Intercept X for Server, its latest server protection offering that incorporates predictive deep learning technology that provides constantly evolving security against cyber threats.

Sophos’ deep learning neural networks are trained on hundreds of millions of samples to look for suspicious attributes of malicious code and prevent never-before-seen malware attacks.

SophosLabs research indicates that 75% of malware found in an organisation is unique to that organisation, indicating the majority of malware is previously unknown.

A recent Sophos survey reveals that two-thirds of IT managers worldwide do not understand what anti-exploit technology is, leaving their organisations vulnerable to data breaches.

Once inside a network, cybercriminals can use persistent and lateral moves to target and takeover servers to access the high-value data stored there.

Servers can also suffer collateral damage from ransomware and run-of-the-mill cyberattacks.

Attacks reaching servers can be more devastating to a business than attacks on endpoints, due to the critical data they hold.

“Servers are the bullseye for cybercriminals because they store valuable information and have a broader, system-wide organisational purpose than individual endpoints,” says Sophos products general manager and senior vice president Dan Schiappa.

“An entire company could get potentially wiped out if cybercriminals infiltrate its servers with ransomware or malicious code, or exploit vulnerabilities to gain access. Once breached, attackers can get deep in the network and have the ability to do some serious damage, as well as exfiltrate data.”

New features include:

Deep Learning Neural Network - Constantly updates and identifies critical attributes resulting in more accurate decisions between benign and malware payloads.

Active Adversary Mitigation - Blocks determined cybercriminals and persistent techniques commonly used to evade traditional anti-virus protection with Credential Theft Protection and Code Cave Utilisation, which detects the presence of malicious code deployed into legitimate applications.

Exploit Protection - Protects against browser, plugin or java-based exploit kits even if servers are not fully patched

Master Boot-Record Protection - WipeGuard expands upon Intercept X anti-ransomware technology and prevents ransomware variants or malicious code that target the master boot-record

Root Cause Analysis - Detection and incident response technology provides forensic detail of how the attack got in, where it went, what it touched, and provides recommendations on what to do next after an analysis of the attack

Cloud Workload Discovery for Server - Discovers and protects servers running on the public cloud, including Microsoft Azure and Amazon Web Services, and prevents risk exposure from rogue IT or forgotten assets.

McAfee named Leader in Magic Quadrant an eighth time
The company has been once again named as a Leader in the Gartner Magic Quadrant for Security Information and Event Management.
Symantec and Fortinet partner for integration
The partnership will deliver essential security controls across endpoint, network, and cloud environments.
Is Supermicro innocent? 3rd party test finds no malicious hardware
One of the larger scandals within IT circles took place this year with Bloomberg firing shots at Supermicro - now Supermicro is firing back.
25% of malicious emails still make it through to recipients
Popular email security programmes may fail to detect as much as 25% of all emails with malicious or dangerous attachments, a study from Mimecast says.
Google Cloud, Palo Alto Networks extend partnership
Google Cloud and Palo Alto Networks have extended their partnership to include more security features and customer support for all major public clouds.
Using blockchain to ensure regulatory compliance
“Data privacy regulations such as the GDPR require you to put better safeguards in place to protect customer data, and to prove you’ve done it."
A10 aims to secure Kubernetes container environments
The solution aims to provide teams deploying microservices applications with an automated way to integrate enterprise-grade security with comprehensive application visibility and analytics.
DigiCert conquers Google's distrust of Symantec certs
“This could have been an extremely disruptive event to online commerce," comments DigiCert CEO John Merrill.