Sophos Network Detection and Response
Product Overview
Sophos NDR continuously monitors network traffic to detect suspicious activity that may indicate the presence of an attacker, leveraging a combination of machine learning, advanced analytics, and rule-based matching techniques.
It detects a wide range of security risks, including rogue devices (unauthorized, potentially malicious devices that are communicating across the network), unprotected devices (legitimate devices that could be used as an entry point), insider threats, zero-day attacks, and threats involving IoT and OT devices.
Plus, when combined with other security telemetry, Sophos NDR lets threat analysts paint a more complete, accurate picture of the entire attack path and progression, enabling a faster, more comprehensive response.
To install Sophos NDR on AWS, a customer who has a Sophos Central account and is licensed to use MDR/XDR can download a CloudFormation script from Sophos Central. When deployed in an AWS account, the template creates a stack with all the infrastructure required to run Sophos NDR. Before creating the stack, the user should accept the EULA for the Sophos NDR AMI on Marketplace.
By Sophos
Operating System
Linux/Unix, Ubuntu 20.04