Story image

Sophos new server security offering defends ‘cybercrime bullseye’

23 Jul 2018

Sophos, a global provider of network and endpoint security, has released Intercept X for Server, its latest server protection offering that incorporates predictive deep learning technology that provides constantly evolving security against cyber threats.

Sophos’ deep learning neural networks are trained on hundreds of millions of samples to look for suspicious attributes of malicious code and prevent never-before-seen malware attacks.

SophosLabs research indicates that 75% of malware found in an organisation is unique to that organisation, indicating the majority of malware is previously unknown.

A recent Sophos survey reveals that two-thirds of IT managers worldwide do not understand what anti-exploit technology is, leaving their organisations vulnerable to data breaches.

Once inside a network, cybercriminals can use persistent and lateral moves to target and takeover servers to access the high-value data stored there.

Servers can also suffer collateral damage from ransomware and run-of-the-mill cyberattacks.

Attacks reaching servers can be more devastating to a business than attacks on endpoints, due to the critical data they hold.

“Servers are the bullseye for cybercriminals because they store valuable information and have a broader, system-wide organisational purpose than individual endpoints,” says Sophos products general manager and senior vice president Dan Schiappa.

“An entire company could get potentially wiped out if cybercriminals infiltrate its servers with ransomware or malicious code, or exploit vulnerabilities to gain access. Once breached, attackers can get deep in the network and have the ability to do some serious damage, as well as exfiltrate data.”

New features include:

Deep Learning Neural Network - Constantly updates and identifies critical attributes resulting in more accurate decisions between benign and malware payloads.

Active Adversary Mitigation - Blocks determined cybercriminals and persistent techniques commonly used to evade traditional anti-virus protection with Credential Theft Protection and Code Cave Utilisation, which detects the presence of malicious code deployed into legitimate applications.

Exploit Protection - Protects against browser, plugin or java-based exploit kits even if servers are not fully patched

Master Boot-Record Protection - WipeGuard expands upon Intercept X anti-ransomware technology and prevents ransomware variants or malicious code that target the master boot-record

Root Cause Analysis - Detection and incident response technology provides forensic detail of how the attack got in, where it went, what it touched, and provides recommendations on what to do next after an analysis of the attack

Cloud Workload Discovery for Server - Discovers and protects servers running on the public cloud, including Microsoft Azure and Amazon Web Services, and prevents risk exposure from rogue IT or forgotten assets.

Privacy: The real cost of “free” mobile apps
Sales of location targeted advertising, based on location data provided by apps, is set to reach $30 billion by 2020.
Myth-busting assumptions about identity governance - SailPoint
The identity governance space has evolved and matured over the past 10 years, changing with the world around it.
Forrester names Crowdstrike leader in incident response
The report provides an in-depth evaluation of the top 15 IR service providers across 11 criteria.
Slack doubles down on enterprise key management
EKM adds an extra layer of protection so customers can share conversations, files, and data while still meeting their own risk mitigation requirements.
Security professionals want to return fire – Venafi
Seventy-two percent of professionals surveyed believe nation-states have the right to ‘hack back’ cybercriminals.
Alcatraz AI to replace corporate badges with AI security
The Palo Alto-based startup supposedly leverages facial recognition, 3D sensing, and machine learning to enable secure access control.
Ensign and IronNet partner to create cyber analytics capabilities
The Singapore-based joint venture will form a Cyber Analytics Center for Excellence focused on securing regional enterprises from sophisticated cyber threats.
Unencrypted Gearbest database leaves over 1.5mil shoppers’ records exposed
Depending on the countries and information requirements, the data could give hackers access to online government portals, banking apps, and health insurance records.