1.
INTRODUCING SOPHOS
INTERCEPT X
November 2016
Matt Cooke
Senior Product Marketing Manager

2.
A Leader in Endpoint Security
“Sophos delivers the most enterprise-friendly SaaS
endpoint security suite. Sophos offers a tightly integrated
suite of endpoint security capabilities, with a good
balance of advanced threat prevention, detection, and
automatic remediation. Buyers will appreciate its
intuitive administrative interface along with the flexibility
and scalability required for most enterprise
deployments, both large and small. Sophos is also one of
the few endpoint security suite vendors in this Forrester
Wave to offer a full-featured suite either on-premises or
through a SaaS-based service..”
The Forrester Wave™ is copyrighted by Forrester Research, Inc. Forrester and Forrester Wave™ are trademarks of Forrester Research, Inc. The Forrester
Wave™ is a graphical representation of Forrester's call on a market and is plotted using a detailed spreadsheet with exposed scores, weightings, and
comments. Forrester does not endorse any vendor, product, or service depicted in the Forrester Wave. Information is based on best available resources.
Opinions reflect judgment at the time and are subject to change.

3.
4

4.
Endpoint Security
has reached a
Tipping Point
• Attacks are from
within the perimeter,
focused on Software
Exploits
• Ransomware reaches
$1.2B in damages
• Lack of Threat
Intelligence after a
Breach

5.
Driving the Paradigm Shift to Next-Generation
6
ADVANCED
MALWARE
ZERO DAY
EXPLOITS
LIMITED
VISIBILITY

6.
TRADITIONAL MALWARE ADVANCED THREATS
The Evolution of Sophos Endpoint Security
From Anti-Malware to Anti-Exploit to Next-Generation
Exposure
Prevention
URL Blocking
Web Scripts
Download Rep
Pre-Exec
Analytics
Generic Matching
Heuristics
Core Rules
File
Scanning
Signatures
Known Malware
Malware Bits
Run-Time
Signatureless
Behavior Analytics
Runtime Behavior
Exploit
Detection
Technique
Identification

7.
EXECUTABLE
FILES
MALICIOUS
URLS
UNAUTHORIZED
APPS
REMOVABLE
MEDIA
EXPLOIT
PREVENTION
MS FILES
& PDF
!
ADVANCED
CLEAN
RANSOMWARE
PREVENTION
INCIDENT
RESPONSE
DETECT RESPOND
PREVENT
BEFORE IT REACHES DEVICE BEFORE IT RUNS ON DEVICE
NEXT GENERATION ENDPOINT
90% OF DATA BREACHES ARE
FROM EXPLOITS KITS
>90% OF EXPLOIT ATTEMPTS USE
KNOWN VULNERABILITIES
AND YET…
MORE THAN 60% OF IT STAFF
LACK INCIDENT RESPONSE SKILLS

8.
Introducing Sophos Intercept X
ADVANCED
MALWARE
ZERO DAY
EXPLOITS
LIMITED
VISIBILITY
Anti-Exploit
Prevent Exploit Techniques
• Signatureless Exploit Prevention
• Protects Patient-Zero / Zero-Day
• Blocks Memory-Resident Attacks
• Tiny Footprint & Low False Positives
No User/Performance Impact
No File Scanning
No Signatures
Automated Incident Response
• IT Friendly Incident Response
• Process Threat Chain Visualization
• Prescriptive Remediation Guidance
• Advanced Malware Clean
Root-Cause Analysis
Faster Incident Response
Root-Cause Visualization
Forensic Strength Clean
Detect Next-Gen Threats
• Stops Malicious Encryption
• Behavior Based Conviction
• Automatically Reverts Affected Files
• Identifies source of Attack
Anti-Ransomware
Prevent Ransomware Attacks
Roll-Back Changes
Attack Chain Analysis

9.
DEMO

10.
Sophos Intercept X
ADVANCED
MALWARE
ZERO DAY
EXPLOITS
LIMITED
VISIBILITY
Anti-Exploit
Prevent Exploit Techniques
• Signatureless Exploit Prevention
• Protects Patient-Zero / Zero-Day
• Blocks Memory-Resident Attacks
• Tiny Footprint & Low False Positives
No User/Performance Impact
No File Scanning
No Signatures
Automated Incident Response
• IT Friendly Incident Response
• Process Threat Chain Visualization
• Prescriptive Remediation Guidance
• Advanced Malware Clean
Root-Cause Analysis
Faster Incident Response
Root-Cause Visualization
Forensic Strength Clean
Detect Next-Gen Threats
• Stops Malicious Encryption
• Behavior Based Conviction
• Automatically Reverts Affected Files
• Identifies source of Attack
Anti-Ransomware
Prevent Ransomware Attacks
Roll-Back Changes
Attack Chain Analysis

11.
Deployment Options
34
Sophos Central Endpoint
Advanced
Antivirus and endpoint
solutions from other
vendors
SOPHOS INTERCEPT X

12.
36
matt.cooke@sophos.com