Stop Ransomware Before It Takes Your Files Hostage
Ransomware is the number one malware attack affecting organizations today. It encrypts your files and holds them hostage until the ransom is paid, causing massive disruption to business productivity.
Sophos Intercept X features CryptoGuard, which prevents the malicious spontaneous encryption of data by ransomware—even trusted files or processes that have been hijacked. And once ransomware gets intercepted, CryptoGuard reverts your files back to their safe states.
Root Cause Analysis Provides Insight on Threats
You’ve been hit! How did it get in, where did it go, what else did it touch and—most importantly—what should you do now? We’ve got you covered.
Detailed, forensic-level analysis illuminates the root causes of attacks and their infection paths, and offers prescriptive guidance to help remediate infections today and bolster your security posture moving forward.
Exploit Prevention Stops Modern Threats
The unique technologies of Sophos Intercept X are designed to stop attackers before they have a chance to throw their first punch.
Rather than examining hundreds of millions of known malware samples, Intercept instead focuses on the relatively small collection of techniques used to spread malware. This way, we can ward off zero-day attacks without having even seen them first.
So Fresh and So Clean
Along with Intercept X we provide a powerful virus cleaner. While most traditional virus cleaners simply remove offending malware files, Sophos Clean goes the extra mile by eradicating the malicious code and registry keys created by malware as well. It’ll be like your machine was never infected in the first place.
ESG Lab First Look: Intercept X
"ESG Lab found Sophos Intercept X to be simple enough for an IT generalist, while providing features and functionality advanced enough for the professional security analyst."
Features:
Highlights
Anti-exploit zero-day
defense
Anti-ransomware
CryptoGuard technology
Root cause analysis
Lingering malware removal
with Sophos Clean
Augments your existing
antivirus investment
We have good news and bad news...
SE Labs puts Sophos Intercept X Advanced to the test
Build Your Next-Gen Endpoint Protection
The days of straightforward file scanning are long gone. Your goal is now to prevent
threats from reaching your devices, stop them before they run, detect them if they
have bypassed preventative methods, and not just clean up malware, but analyze and
undo everything it does to your endpoints.
Sophos Intercept X uses multiple layers of technology, allowing you to create your own
tailored next-generation endpoint security solution.
Protect Vulnerable Software
Anti-exploit technology stops threats before they become an issue by recognizing and
blocking common malware delivery techniques, thus protecting your endpoints from
unknown threats and zero-day vulnerabilities.
Effective Ransomware Detection
CryptoGuard technology detects spontaneous malicious data encryption to stop
ransomware in its tracks. Even if trusted files or processes are abused or hijacked,
Sophos Endpoint Protection will stop and revert them without any interaction from
users or IT support personnel. CryptoGuard works silently at the file system level,
keeping track of remote computers and local processes that attempt to modify your
documents and other files.
Root Cause Analysis
Identifying malware and isolating and removing it solves the immediate problem.
But do you really know what the malware did before it was removed, or how it was
introduced in the first place? Root cause analysis shows you all the events that led up
to a detection. You’ll be able to understand what files, processes, and registry keys were
touched by the malware and activate your advanced system clean to rewind time.
Add Next-Gen Protection to Your Traditional Security
Sophos Intercept X compliments existing anti-malware and antivirus implementations
delivering powerful next-gen anti-exploit and anti-ransomware protection traditional
products lack. By eliminating the attack vectors which traditional solutions don’t block,
Sophos Intercept X helps to harden your security posture and increase resilience.
Simplify Management and Deployment
Managing your security from Sophos Central means you
no longer have to install or deploy servers to secure your
endpoints. Sophos Central provides default policies and
recommended configurations to ensure that you get the
most effective protection from day one.
Intercept X Tech Specs:
Intercept X is available for devices running Windows 7 and above, 32- or 64-bit operating systems. Intercept X is designed to augment your existing endpoint security or antivirus software, giving you next-generation anti-exploit, anti-ransomware, root cause analysis, and advanced system cleaning technology. It can also be used in conjunction with Sophos Endpoint Protection Advanced.
Intercept X and Endpoint Protection Advanced are both managed by our unified console, Sophos Central. No servers to build—just log in to download the agent and configure all your policies from one place.
INTERCEPT X
ENDPOINT ADVANCED + INTERCEPT X
Before It Reaches Device
Web Security
Download Reputation
Web Control / Category-based URL Blocking
Device Control (e.g., USB)
Application Control
Browser Exploit Prevention
Before It Runs on Device
Anti-Malware File Scanning
Live Protection
Pre-execution Behavior Analysis / HIPS
Potentially Unwanted Application (PUA) Blocking
Exploit Prevention
Stop Running Threat
Runtime Behavior Analysis / HIPS
Malicious Traffic Detection (MTD)
CryptoGuard Ransomware Protection
Investigate and Remove
Automated Malware Removal
Synchronized Security Heartbeat
Root Cause Analysis
Sophos Clean
Existing Sophos Endpoint Protection customers using Enterprise Console or UTM to manage their endpoints must switch their endpoints to be managed by Sophos Central. See http://www.sophos.com/migrate for more info.
