Sold by: Sophos
Deployed on AWS
Free Trial
Vendor Insights
AWS Free Tier
Sophos Cybersecurity as a Service combines world class products, tools, services, and expertise into one holistic solution.
4.7
Overview
Your cybersecurity. Our responsibility.
Every organization wants the best cyber defenses, but very few have all the skilled resources to deliver them. With Cybersecurity as a Service for AWS (https://soph.so/caas ) we deliver world-leading protection for you or with you. All Sophos product and services offerings can be tailored to the exact needs of your organization's security program. Our integrated cybersecurity products automatically stop 99.98% of threats before they can run, while our threat hunting and neutralization experts monitor your environment 24/7, shutting down even the most advanced attacks on your behalf. Learn more about our services integration with AWS here: https://soph.so/awsmtp .
Sophos cloud products include:
- Cloud Security Posture Management: Sophos Cloud Optix continuously scans cloud environments to identify assets, assess their security and compliance settings, and identify malicious activity that may lead to data breaches - enabling you to quickly remediate misconfigurations and respond to threats. It integrates with AWS GuardDuty and SecurityHub and provides agentless malware scanning for the S3 storage service. Learn more: https://soph.so/cloud_optix
- Cloud Workload Protection: Sophos agents protect Windows and Linux hosts running in the cloud against modern threats, including ransomware. Learn more: https://soph.so/cwp
- Cloud Edge Firewall: Sophos Firewalls provide network visibility, protection, and response across public, private, and hybrid cloud environments. With cloud native, virtual, and physical appliances, Sophos Firewalls protect networks of any kind. Learn more: https://soph.so/ngfw
- Endpoint Protection: Sophos Endpoint agents protect your users against everything from common malware to advanced fileless threats and ransomware. Learn more: https://soph.so/endpoint
- Managed Detection and Response Service: Sophos MDR is the world's most trusted MDR service. Analysts leverage telemetry from AWS together with your endpoint, firewall, network, email, and identity solutions to accelerate threat detection, investigation and response across your full environment. Learn more: https://soph.so/mdr
Designed with SMB organizations in mind, Cybersecurity as a Service provides:
- Affordable threat protection: enterprise-grade cybersecurity that's cost effective for small businesses. Learn more: https://soph.so/smb
- An instant Security Operations Center: Managed by you, by us, or together. Simple, one-time installation gets you up and running in minutes.
- World-class cybersecurity defenses: Technology that works with hybrid cloud environments. From endpoint and network security to email and cloud, we have you covered.
- An expert team of cybersecurity professionals: Available 24/7/365. Our AI, malware and security operations specialists work together to constantly improve protection and help customers respond to incidents and breaches.
- A free intuitive cloud-based security platform: Sophos Central allows you to manage all your defenses in one place for maximum efficiency and cross-estate coordination. Providing simple management and reporting, Sophos Central also includes Threat Analysis tools for customers that operate their own security operations teams. Learn more: https://soph.so/sophos-central
Sophos provides a wide range of security solutions to protect users, networks, and cloud environments. To view all products please visit our Sophos Central listing page - https://soph.so/sophos-central .
Looking for custom pricing options? Contact us publiccloudsales@sophos.com
Highlights
- 24/7 Managed Detection and Response across Sophos and 3rd party products. Sophos MDR provides the most comprehensive native security integrations on the market, bringing together signals from endpoint, workload, network, email, cloud and mobile solutions. Learn more: https://soph.so/mdr
- Cloud native and hybrid cloud cybersecurity products provide protection for customers migrating to and in the cloud. Learn more: https://soph.so/cns
- A free cloud based unified management platform that centralizes reporting and configuration for all Sophos products and cybersecurity tools. Sophos Central facilitates sharing of real time threats, health and security information between Sophos products and enables automatic response actions to contain and eradicate threats. Learn more: https://soph.so/sophos-central
Details
Sold by
Delivery method
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Skip the manual risk assessment. Get verified and regularly updated security info on this product with Vendor Insights.
Security credentials achieved
(1)
AWS Security Specialization
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Free trial
Try this product free according to the free trial terms set by the vendor.
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
Cloud Workload MDR | Managed Detection Response for server OS with XDR tools | $390.72 |
Cloud Optix Advanced | Agentless CSPM for AWS, K8s | $140.04 |
Cloud Edge Firewall | Firewall/IPS/Web/WAF/Sandbox: Price per Firewall includes all features | $3,424.00 |
Sophos MDR - Endpoint | Managed Detection Response for user workstations including XDR tools | $239.64 |
Vendor refund policy
Please refer to the Sophos EULA for details on our refund policies.
Custom pricing options
Request a private offer to receive a custom quote.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Support
Vendor support
Sophos support portal for licensed customers with an existing SophosID: https://support.sophos.com Toll Free: 1-888-SOPHOS-9 (1-888-767-4679)International: 1-781-494-5800 To contact Support, please log into your Sophos Central Dashboard, click on HELP in the upper right corner, then click on CREATE SUPPORT TICKET. Or, visit https://www.sophos.com/en-us/support.aspx to go to the Sophos Community to find information and resolutions on common questions and issues.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Sophos
By Palo Alto Networks
By Juniper Networks
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Threat Detection and Response
Automatic threat detection and neutralization with 99.98% threat interception rate, supported by 24/7 managed detection and response service with threat hunting and neutralization experts
Cloud Security Posture Management
Continuous scanning of cloud environments to identify assets, assess security and compliance settings, detect malicious activity, and identify misconfigurations with agentless malware scanning for S3 storage and integration with AWS GuardDuty and SecurityHub
Endpoint and Workload Protection
Agent-based protection for Windows and Linux hosts against modern threats including ransomware, fileless attacks, and advanced malware
Network and Firewall Protection
Cloud-native, virtual, and physical firewall appliances providing network visibility, protection, and response across public, private, and hybrid cloud environments
Unified Management and Orchestration
Cloud-based centralized management platform enabling configuration, reporting, and real-time threat information sharing across endpoint, firewall, network, email, cloud, and identity solutions with automatic response actions
Application Layer Visibility and Control
Complete application layer-7 visibility and control of traffic with next-generation firewall capabilities in AWS environments
AI/ML-Powered Threat Detection
AI/ML-powered inspection engine with researcher-grade signatures for detection of zero-day threats, exploits, malware, spyware, and command and control attacks
Dynamic Policy Management
Policy definitions that dynamically apply to cloud assets based on AWS tags, Application IDs, User IDs, geographies, or zones without manual intervention
Cloud Infrastructure Integration
Seamless integration with Gateway Load Balancer, AWS Auto Scaling, and Transit VPC with AWS Transit Gateway for protection across dynamic and large-scale deployments
Advanced Threat Prevention Service
Cloud-delivered Advanced Threat Prevention security service with market-leading threat coverage against known and zero-day threats while maintaining performance
Next Generation Firewall Architecture
High-performance firewall solution with core firewall, VPN, NAT, and advanced L4-L7 security services including application security, IPS, and anti-virus capabilities.
Anti-Virus and Malware Protection
Cloud-based anti-virus protection that detects and blocks spyware, adware, viruses, keyloggers, and other malware over POP3, HTTP, SMTP, and FTP protocols.
Intrusion Detection and Prevention
Intrusion detection and prevention (IPS) system integrated with application visibility and control through AppSecure for threat detection and workload protection.
VPN and Secure Connectivity
IPsec and full mesh VPN termination services enabling secure connectivity from on-premises data centers, campuses, and branches to AWS cloud across geographically dispersed VPCs.
AWS Cloud Service Integration
Native integration with AWS services including Elastic Load Balancer, Auto-Scaling Groups, CloudWatch, Security Hub, Key Management Service, Elastic Network Adapter support, and Gateway Load Balancer with L3 gateway and L4 load balancer capabilities.
Standard contract
No
No
No
Customer reviews
Tonmoy Roy
Advanced threat detection has strengthened our incident response and protected client operations
Reviewed on Jun 06, 2026
Review provided by PeerSpot
What is our primary use case?
Sophos Cybersecurity as a Service is our main solution to ensure secure operations as we build and connect more clients successfully, while also addressing our specific requirements. We have been using Sophos Cybersecurity as a Service , which provides many functionalities, including a taskbar that shows resource consumption from PCs, leading to good customer feedback. When Sophos resources are low, customers purchase more, recognizing it as a useful product.
We use mobile device management (MDM ) services, and customer feedback indicates that it works very well for their custom work apps, benefiting both us and them.
Sophos Cybersecurity as a Service is deployed in our organization for cloud security purposes. Currently, we are not utilizing any specific cloud provider; instead, we are using Sophos endpoint security.
What is most valuable?
The best feature that Sophos Cybersecurity as a Service offers is Sophos XDR .
Sophos XDR stands out as the best feature for us and our clients because of its ability to investigate issues like a MITRE attack, conduct live discovery, and perform root cause analysis to understand how attackers attempt to access PCs.
Sophos Cybersecurity as a Service has positively impacted our organization by being very beneficial for our business and serving as a valuable income source.
The AI capabilities within Sophos Cybersecurity as a Service are very good, as it effectively detects incidents and tracks how issues occurred, providing a high level of security for banking and other sectors.
Sophos AI proves to be very capable for us in terms of input and output; when it detects any anomaly or file path, we are able to investigate it utilizing Sophos AI, which is very useful for us.
What needs improvement?
Sophos Cybersecurity as a Service is continuously consuming more resources, which leads to slower PC performance, so reducing resource consumption would be better for both Sophos products and our sales.
Improving the resource consumption aspect would enhance Sophos Cybersecurity as a Service market presence.
If Sophos antivirus could reduce its resource consumption during scheduled scans, it would help address the PC slowness issue.
For how long have I used the solution?
We have been using Sophos Cybersecurity as a Service for at least 10 years since our company was established in 2016, and we are still using it currently.
What do I think about the stability of the solution?
Sophos Cybersecurity as a Service is stable.
What do I think about the scalability of the solution?
The scalability of Sophos Cybersecurity as a Service is really great.
How are customer service and support?
Our customer support is excellent, with 24/7 availability, handling at least 15 calls per week to solve client issues.
Which solution did I use previously and why did I switch?
We did not use a different solution before opting for Sophos Cybersecurity as a Service; we have always focused on Sophos along with options like Palo Alto, Cortex XDR , and CrowdStrike.
What was our ROI?
We experience a return on investment from using Sophos Cybersecurity as a Service; for example, when we pre-configure it during installations for devices, it proves to be working well and saves time. I cannot provide specific monetary metrics since this is handled by our product team.
Which other solutions did I evaluate?
We did not evaluate any other options before choosing Sophos Cybersecurity as a Service; our team has consistently used Sophos Cybersecurity engineering and has not switched to other services such as XDR or CrowdStrike.
What other advice do I have?
When advising others about using Sophos Cybersecurity as a Service, I emphasize that the main reason to choose Sophos Cybersecurity as a Service is its effective incident management; unlike other providers such as CrowdStrike, which have faced issues with server hacks and resource consumption, Sophos Cybersecurity as a Service has maintained a good reputation and is our best solution. I would rate this product a 9 overall.
Higher Education
Reassuring, Proactive Security Monitoring You Can Trust
Reviewed on Jun 05, 2026
Review provided by G2
What do you like best about the product?
It’s reassuring to know that a team of professionals is continually monitoring our security environment and will take action if any threats arise.
What do you dislike about the product?
The only negative thing I can think of is the price
What problems is the product solving and how is that benefiting you?
Cybersecurity assurance that provides peace of mind for all stakeholders.
Harsh K.
Feels Like a Real 24/7 Security Team Backing You Up
Reviewed on Apr 24, 2026
Review provided by G2
What do you like best about the product?
What I like most about Sophos MDR is that it genuinely feels like having a real security team backing you up 24/7, rather than just another tool that throws alerts at you. It takes a lot of pressure off because it actually investigates and responds to threats, instead of leaving you to handle everything on your own.
What do you dislike about the product?
What I dislike is that the initial setup and fine-tuning can feel a bit complex at first, especially if you’re new to MDR services. Also, some of the deeper insights and controls seem limited unless you’re fully invested in the Sophos ecosystem.
What problems is the product solving and how is that benefiting you?
Sophos MDR helps us address the ongoing challenge of monitoring for threats and responding quickly without needing a large in-house security team. It reduces alert fatigue, speeds up incident response, and gives us confidence that threats are being actively managed around the clock.
Computer & Network Security
On-Premise Option, but Cost and Performance Need Improvement
Reviewed on Apr 09, 2026
Review provided by G2
What do you like best about the product?
The possibility to have on-premise solution
What do you dislike about the product?
This solution is no longer cost-effective and performance are not good
What problems is the product solving and how is that benefiting you?
Initially SOPHOS MDR was good and performing well but after some time we realize that other MDR could improve the service.
Eric Q.
24/7 coverage and incident response ideal for companies without an internal SOC
Reviewed on Mar 12, 2026
Review provided by G2
What do you like best about the product?
Utility: 24/7 coverage before incident response for teams or institutions that do not have an active or mature SOC, or for those who cannot hire an internal cybersecurity team to address complex threats.
What do you dislike about the product?
For now, there is nothing to dislike; the service offered by MDR Sophos is positive and its use has translated into fewer risks, costs, and protection for the institution's image.
What problems is the product solving and how is that benefiting you?
Continuous protection, quick incident response, human resource optimization, scalability, and integration with other information sources. Additionally, it allows sending logs to the Data Lake for better visualization and event analysis.