Sophos, which develops security solutions to target cyberattacks, established a strategic partnership with exposure-management company Tenable to provide its Managed Risk vulnerability and attack surface management service. This offering features access to a dedicated Sophos team that will leverages Tenable exposure-management technology and collaborate with security operations experts from Sophos MDR to provide attack surface visibility, continuous risk monitoring, vulnerability prioritization, investigation and proactive notifications.
The Sophos Managed Risk service can assess an organization’s external attack surface, prioritize the riskiest exposures – such as open RDP – and provide tailored remediation guidance to help eliminate blind spots and stay ahead of potentially devastating attacks.
“Sophos and Tenable are two industry security leaders coming together to address urgent, pervasive security challenges that organizations continuously struggle to control. We can now help organizations identify and prioritize the remediation of vulnerabilities in external assets, devices and software that are often overlooked. It is critical that organizations manage these exposure risks, because unattended, they only lead to more costly and time-consuming issues and are often the root causes of significant breaches,” said Rob Harrison, SVP for endpoint and security operations product management, Sophos. “We know from Sophos’ worldwide survey data that 32 percent of ransomware attacks start with an unpatched vulnerability and that these attacks are the most expensive to remediate. The ideal security layers to prevent these issues include an active approach to improving security postures by minimizing the chances of a breach with Sophos Managed Risk, Sophos Endpoint, and 24×7 Sophos MDR coverage.”
“While the latest zero day may dominate the headlines, the biggest threat to organizations, by a large margin, is still known vulnerabilities – or vulnerabilities for which patches are readily available,” said Tenable VP, global strategic partners and MSSP, Greg Goetz. “A winning approach includes risk-based prioritization with context-driven analytics to proactively address exposures before they become a problem. Sophos Managed Risk, powered by the Tenable One Exposure Management platform, delivers outsourced preventive risk management, enabling organizations to anticipate attacks and reduce cyber risk.”
Key benefits include:
- External attack surface management (EASM).
- Continuous monitoring and proactive notification of high-risk exposures.
- Vulnerability prioritization and identification of new risks.
Sophos Managed Risk is available as an extended service with Sophos MDR, which already protects more than 21,000 organizations, worldwide. The Sophos Managed Risk team is Tenable-certified and works closely with Sophos MDR to share essential information about zero-days, known vulnerabilities and exposure risks to assess and investigate possibly exploited environments.
Sophos Managed Risk is available with a term license through Sophos’ global network of channel partners and Managed Service Providers (MSPs). A Sophos MSP Flex version will be available in 2024.
Visit Sophos.com/Managed-Risk to learn more.
