Sophos has launched Managed Detection and Response (MDR) for Microsoft Defender, adding a critical layer of 24/7 protection across the Microsoft Security suite of endpoint, SEIM, identity, cloud, and other solutions to safeguard against data breaches, ransomware and other active adversary cyberattacks.
“Baseline security technology alone is not enough to defeat determined attackers who will find a way in, as evidenced by the cases our incident response team manages. Attackers are extremely persistent, and organisations need a human layer of security to conduct threat hunts, identify attacker behaviours attempting to evade security tools, and respond to stop attacks with speed and precision,” said Raja Patel, senior vice president of products and managed services at Sophos.
Sophos MDR for Microsoft Defender integrates telemetry from a broad range of Microsoft Security tools. Unlike other MDR offerings that limit support to Microsoft Defender for Endpoint or Microsoft Sentinel and provide minimal threat response capabilities, Sophos MDR fortifies the broader Microsoft Security suite, including:
- Microsoft Defender for Endpoint
- Microsoft Defender for Identity
- Microsoft Defender for Cloud
- Microsoft Defender for Cloud Apps
- Identity Protection (Azure Active Directory)
- Office 365 Security and Compliance Center
- Microsoft Sentinel
- Office 365 Management Activity
Telemetry from these sources is automatically consolidated, correlated and prioritised with insights from the Sophos Adaptive Cybersecurity Ecosystem and the Sophos X-Ops threat intelligence unit of more than 500 security analysts, threat hunters, responders, data scientists, and other specialists across Sophos worldwide. This enables the Sophos MDR operations team to identify and stop more threats than Microsoft Security tools – or any security technology – can on their own.
“Rather than forcing them to rip and replace existing technologies, we support organisations with what they need, how and where they need it – regardless of what security solutions they already use. For channel partners delivering Microsoft Security offerings, there’s a tremendous opportunity to ensure customers are fully protected and maximising value from their existing deployments."
Raja Patel, Sophos
Sophos MDR for Microsoft Defender is available now to all Sophos MDR Essentials customers using security technologies included in Microsoft 365 E3 and E5 licenses. The customisable offering with different threat response options is available through Sophos’ global channel of reseller partners and Managed Service Providers (MSPs).
A people problem
According to IDC, 65% of organisations have had a significant ransomware event in the last 12 months despite significant investments in cybersecurity tools.
"It is often not a tool but a people problem. Most IT and security teams are generally overworked, understaffed and under resourced. They cannot triage and address the daily deluge of alerts and issues to get the desired protections promised from their current tool investments,” said Frank Dickson, group vice president for IDC's Security and Trust research practice.
He added: “"For organisations leveraging the Microsoft security stack, Sophos MDR assists those to realise the outcomes hoped for from their existing cybersecurity investments."
Sophos MDR offering has more than 17,000 customers of all sizes and across all industries. It can be delivered across end users’ existing third-party security deployments as well as Sophos offerings. In addition to Microsoft, organisations can also integrate telemetry sources from dozens of other vendors, including AWS. Google, CrowdStrike, Palo Alto Networks, Fortinet, Check Point, Okta, Darktrace, and many others, through the Sophos Marketplace.
Veeam integrates with new Microsoft 365 backup
In another development, Veeam Software is teaming up with Microsoft to strengthen protection of the latter’s products.
The cybersecurity vendor is integrating Veeam Backup for Microsoft 365 with newly launched Microsoft 365 Backup via their backup APIs to bring customers and partners new capabilities for backup, recovery, ransomware protection and business continuity.
Veeam plans to use this integration to deliver new innovations and experiences to Microsoft customers that need data protection and ransomware recovery to keep their businesses running.
“Today, every business is a digital business,” said Danny Allan, CTO at Veeam. “That means fast, reliable access and availability of data is critical to keep businesses running. Veeam is the leading provider of backup and recovery for Microsoft 365, with over 15 million users protected. We’re delighted to extend our advanced capabilities to customers and partners using Microsoft 365 Backup. We plan to deliver innovative new features and capabilities taking advantage of the power and reliability of the Veeam Data Platform which keeps businesses running.”
Work on the integration between Veeam Backup for Microsoft 365 and Microsoft 365 Backup via their backup APIs is underway, with general availability of our updated offering expected within 90 days of the Microsoft 365 Backup service being available.
Veeam Backup for Microsoft 365 is being used to protect more than 15 million users, eliminating the risk of losing Microsoft 365 data, including Microsoft Exchange Online, SharePoint Online, OneDrive for Business and Microsoft Teams. The addition of support for Microsoft 365 Backup will expand those industry-leading capabilities and will be available to all Veeam Backup for Microsoft 365 customers when it’s available.
