Professional Documents
Culture Documents
Sophos-Intercept-X - For PCs License-Guide
Sophos-Intercept-X - For PCs License-Guide
Multiple Policies
Controlled Updates
Application Control
ATTACK SURFACE
Peripheral Control
REDUCTION
Live Protection
Pre-execution Behavior Analysis (HIPS)
Potentially Unwanted Application (PUA) Blocking
PREVENT
Scheduled Queries
Threat Cases (Root Cause Analysis)
INVESTIGATE
RESPOND
Sophos Clean
Data Retention
MANAGED SERVICE
Activity Reporting
AND RESPONSE
Adversarial Detections
Threat Neutralization & Remediation
24/7 Lead-less Threat Hunting
Threat Response Team Lead
Direct Call-in Support
Proactive Security Posture Management
Intercept X, XDR, and MTR Overview
Operating System Comparison
Web Security
ATTACK SURFACE
Download Reputation
REDUCTION
Live Protection
Pre-execution Behavior Analysis (HIPS)
Potentially Unwanted Application (PUA) Blocking
PREVENT
3
Intercept X, XDR, and MTR Overview
Operating System Comparison (continued)
Scheduled Queries
Threat Cases (Root Cause Analysis)
NVESTIGATE
RESPOND
Sophos Clean
Data Retention
MANAGED SERVICE
Activity Reporting
AND RESPONSE
Adversarial Detections
Threat Neutralization & Remediation
24/7 Lead-less Threat Hunting
Threat Response Team Lead
Direct Call-in Support 4
Features Features
RANSOMWARE
Ransomware File Protection (CryptoGuard)
Mandatory Address Space Layout Randomization
ANTI-
Bottom-up ASLR Automatic file recovery (CryptoGuard)
Null Page (Null Deference Protection) Disk and Boot Record Protection (WipeGuard)
Heap Spray Allocation
Dynamic Heap Spray
Web Browsers (including HTA)
APPLICATION
Stack Pivot
LOCKDOWN
Web Browser Plugins
Stack Exec (MemProt) Java
Stack-based ROP Mitigations (Caller)
Media Applications
Branch-based ROP Mitigations (Hardware Assisted)
Structured Exception Handler Overwrite (SEHOP) Office Applications
EXPLOIT PREVENTION
PROTECTION
LEARNING
Load Library
DEEP
Deep Learning Potentially Unwanted
Reflective DLL Injection Applications (PUA) Blocking
Shellcode False Positive Suppression
VBScript God Mode
Threat Cases (Root Cause Analysis)
INVESTIGATE
Wow64
RESPOND
REMOVE
Syscall
Sophos Clean
Hollow Process
DLL Hijacking Synchronized Security Heartbeat
Squiblydoo Applocker Bypass
APC Protection (Double Pulsar / AtomBombing)
Process Privilege Escalation
Dynamic Shellcode Protection
EFS Guard
CTF Guard
ApiSetGuard
Credential Theft Protection
MITIGATIONS
ADVERSARY
Sophos MTR: Advanced Includes all Standard features, plus the following: