
Sophos new server security offering defends ‘cybercrime bullseye’

23 Jul 2018

Sophos, a global provider of network and endpoint security, has released Intercept X for Server, its latest server protection offering, which incorporates predictive deep learning technology to provide constantly evolving security against cyber threats.

Sophos’ deep learning neural networks are trained on hundreds of millions of samples to look for suspicious attributes of malicious code and prevent never-before-seen malware attacks.

SophosLabs research indicates that 75% of malware found in an organisation is unique to that organisation, suggesting the majority of malware is previously unknown.

A recent Sophos survey reveals that two-thirds of IT managers worldwide do not understand what anti-exploit technology is, leaving their organisations vulnerable to data breaches.

Once inside a network, cybercriminals can use persistent and lateral moves to target and take over servers to access the high-value data stored there.

Servers can also suffer collateral damage from ransomware and run-of-the-mill cyberattacks.

Attacks reaching servers can be more devastating to a business than attacks on endpoints, due to the critical data they hold.

“Servers are the bullseye for cybercriminals because they store valuable information and have a broader, system-wide organisational purpose than individual endpoints,” says Sophos products general manager and senior vice president Dan Schiappa.

“An entire company could get potentially wiped out if cybercriminals infiltrate its servers with ransomware or malicious code, or exploit vulnerabilities to gain access. Once breached, attackers can get deep in the network and have the ability to do some serious damage, as well as exfiltrate data.”

New features include:

Deep Learning Neural Network - Constantly updates and identifies critical attributes resulting in more accurate decisions between benign and malware payloads.

Active Adversary Mitigation - Blocks determined cybercriminals and persistent techniques commonly used to evade traditional anti-virus protection with Credential Theft Protection and Code Cave Utilisation, which detects the presence of malicious code deployed into legitimate applications.

Exploit Protection - Protects against browser, plugin or Java-based exploit kits even if servers are not fully patched.

Master Boot-Record Protection - WipeGuard expands upon Intercept X anti-ransomware technology and prevents ransomware variants or malicious code that target the master boot-record.

Root Cause Analysis - Detection and incident response technology provides forensic detail of how the attack got in, where it went and what it touched, and provides recommendations on what to do next after an analysis of the attack.

Cloud Workload Discovery for Server - Discovers and protects servers running on the public cloud, including Microsoft Azure and Amazon Web Services, and prevents risk exposure from rogue IT or forgotten assets.
