Sophos Boosts Threat Detection Prowess By Fusing Deep Learning Into Intercept X Endpoint Security Tool


Printer-friendly version Email this CRN article

Sophos has rolled out the latest version of its Intercept X anti-exploit application to the general public, incorporating deep-learning technology to boost malware detection rates.

The Oxfordshire, England-based vendor said the new version of Intercept X would be the only product in the world to combine machine learning, malware and exploit blocking, and ransomware protections into a single offering, said Dan Schiappa, SVP and GM of Sophos's end-user and network security group. The new deep learning capabilities come courtesy of Sophos's February 2017 acquisition of Invincea.    

"The channel really embraced Intercept X," Schiappa told CRN. "It's been the fastest-growing product in the company's history."

[Related: Sophos CEO: Rise In Ransomware Shifting Security Budgets, Priorities From The Network To The Endpoint]

The addition of deep learning will make it possible for Intercept X to curate and label data even more accurately since it's now able to process hundreds of millions of samples rather than just tens of millions of samples, according to Schiappa. As a result, Intercept X will be able to make more accurate predictions at a faster rate with fewer false-positives as compared with traditional machine learning.   

Those new capabilities allowed Sophos to incorporate malware protection into Intercept X while keeping the product laser-focused on predictive security, Schiappa said.

For new customers, Intercept X retails between $20 and $40 per user for a one-year term, and scales based on volume and term length. Current Sophos Intercept X customers do not need to purchase new licenses to receive these new features.

Margins, meanwhile, should be very consistent with what partners have grown accustomed to around Intercept X, according to Schiappa.  

Sophos previewed Intercept X's new deep learning and exploit protection powers in early November through a 1,000-channel-partner early access program, the company said at the time. Partners in the pilot praised Sophos' ability to make the sophisticated technology consumable, according to Schiappa, meaning that some elements of Intercept X were as easy as flipping a switch and turning it on.

Pilot participants said user experience could be improved by making it possible for partners to access in-depth information more easily without having to go from a visual graphic to a tabular format, Schiappa said. Since receiving this feedback, Schiappa said Sophos has focused on making the experience more streamlined for security administrators wishing to see this data.

Sophos is building co-branded marketing materials with its channel partners around Intercept X, according to Schiappa, with the messaging focusing on ransomware and deep learning. Schiappa expects the latest version of Intercept X to gain traction in Sophos' entire channel community.

Intercept X is sold in tandem with Sophos Central Endpoint Advanced on 90 percent of occasions, Schiappa said, with the two offerings packaged together. On 10 percent of occasions, though, Schiappa said Intercept X is sold in tandem with a competitor's endpoint security product.

Printer-friendly version Email this CRN article