By Alex Gardner
For many organizations, Macs are a regular fixture in their IT estates. Whether they comprise just a few devices or a significant proportion, Macs need the same levels of cybersecurity protection and visibility as their Windows cousins.
Which is why in addition to proven protection from the latest Mac threats, Endpoint Detection and Response (EDR) is now available for Mac users in addition to Windows and Linux.
Intercept X Advanced with EDR gives both IT admins and cybersecurity experts the power to answer critical IT operations and threat hunting questions, and then remotely take any necessary actions.
Maintaining proper IT hygiene can be a significant time investment for IT admins. Being able to identify which devices need attention and what action needs to be taken can add another layer of complexity.
With Sophos EDR, you can now do just that – quickly and easily. For example:
Tracking down subtle, evasive threats requires a tool capable of detecting even the smallest indicators of compromise.
With this release, Sophos EDR is significantly enhancing its threat hunting capabilities. For example:
The features that make solving all the important examples above possible are Live Discover and Live Response.
Live Discover allows you to examine your data for almost any question you can think of by searching across Mac devices with SQL queries. You can choose from a selection of out-of-the-box queries, which can be fully customized to pull the exact information that you need, both when performing IT security operations hygiene and threat hunting tasks. Data is stored on-disk for up to 90 days, meaning query response times are fast and efficient.
Live Response is a command line interface that can remotely access devices in order to perform further investigation or take appropriate action. For example:
And it’s all done remotely, so it’s ideal in working situations where you may not have physical access to a device that needs attention.
Existing Intercept X Advanced with EDR customers will automatically see their Mac devices appearing for selection in Live Discover and Live Response by September 16.
Intercept X and Intercept X for Server customers that would like to try out EDR functionality can head to the Sophos Central console, select ‘Free Trials’ in the left-hand menu and choose the ‘Intercept X Advanced with EDR’ or ‘Intercept X Advanced for Server with EDR’ trial.
If you’re new to Sophos Central, start a no-obligation free trial of Intercept X Advanced with EDR today. You’ll get world class protection against the latest cybersecurity threats in addition to powerful EDR capabilities. Get started.
Live Discover and Live Response are available for Windows, Mac, and Linux devices.