Sophos Acquires SOC.OS, Expanding Its Adaptive Cybersecurity Ecosystem And Boosting Visibility
“We’re excited to be working with the SOC.OS team and we’re very excited to bring this solution to market for the benefit of all of our customers and our partners,” Joe Levy, CTO and CPO of Sophos says.
In the battle to prevent ransomware and cyberattacks, British security software firm Sophos has acquired the cloud-based security alert investigation and triage automation solution, SOC.OS. This move allows Sophos to expand its Adaptive Cybersecurity Ecosystem solution beyond offering Managed Threat Response and Extended Detection and Response solutions to customers.
Sophos aims to have U.K.-based SOC.OS’ technology available as part of its Managed Threat Response service before the end of 2022. The company also plans to have it integrated into its SDR products by 2023.
Here’s a look at a CRN interview with Sophos Chief Technology Officer Joe Levy explaining how this acquisition boosts visibility.
With how prevalent cyber-attacks are happening, how do you see this acquisition advancing Sophos protections against hackers?
“We’ve been looking at ways to accelerate the ingest in the processing of events and data coming from any third-party endpoint product, any third-party firewall, product, cloud security, identity and access management, secure web gateways. And when we found SOC.OS, we believe that they had just done a superlative job at being able to ingest all of this data from all of these third-party sources, to reason with it in a way that we thought was just very impressive. And we’re very, we’re very intent on integrating that technology that they brought rapidly into the surface security offering and product offering.
As the two companies merge, what do you want partners to know?
“Often customers have mixed the states meaning that they don‘t have just a single vendor that they’re using to protect their entire operation, they have multiple vendors protecting different areas…And the consequence of that too often is that parts of the estate could be compromised, and there‘s no protection or visibility in the other parts of the estate. And what this is going to enable us to do is have visibility into those areas of a customer’s operation, where it‘s not a Sophos product that’s being used to protect them either on the network or on the endpoint or in the cloud, whatever third party it is that they might be using in other areas, this will give us visibility into that. And then we can use it to react and remediate whatever it is that might deserve that attention.”
And can you talk a little bit about how the acquisition will benefit the channel?
“This is going to be a great opportunity for our partners to be able to tell their customers that we can operate on the entirety of their IT system again. We‘ve heard again and again that they love what we do with MTR for the Sophos estate, they just wished we would be able to do it for the entirety of their IT and security estate. This is going to give us the ability to deliver that. It’s something that we‘ve heard from customers from partners. And again, just having access to this information being able to operate on the entirety of the data. It’s just going to make the analysts job easier, and it‘s just going to result in better security outcomes.”
Dave Mareels, the CEO and Co-Founder of SOC.OS who transitioned into the director of product management role at Sophos, told CRNtv in a separate interview the two companies complement each other.
“SOC.OS is a technology that helps those analysts get on to the make their life a lot easier when it comes to remediating against those threats. Sophos, on the other side, has a load of customers and a huge distribution network. And so, the match was hand in glove. We can now take that technology, the really exciting clustering technology to the world and really have a have a really good hit at tackling this problem of alert fatigue, and lack of visibility at a global scale,” Mareels said.