Cloud posture has improved and security reports drive ongoing compliance and cost control
What is our primary use case?
I use Sophos Cloud Optix most of the time to harden our AWS infrastructure or Azure infrastructure, and sometimes I use it to meet different types of compliance requirements such as SOC 2 and ISO 27001.
I was working in a regulated company where the State Bank of the country is the regulator, so to provide them a compliance report, our infrastructure is optimized and there are no security gaps. I harden our cloud infrastructure and then provide the Sophos Cloud Optix report, which illustrates the current status of our security posture, helping me provide a detailed report.
I use Sophos Cloud Optix sometimes to find cost optimization gaps inside the cloud, such as unused resources, and the Sophos Cloud Optix dashboard explains very well about unused resources that must be deleted or taken care of, which helps us with cost optimization, including security groups that are created but not used.
What is most valuable?
I really appreciate most aspects of Sophos Cloud Optix, especially that we can set it up on AWS marketplace without needing to host a new machine. We can use their trial version where we can monitor a small number of resources without any additional cost.
Setting up Sophos Cloud Optix on AWS is not difficult at all, also because my team has experience with it, making it very easy and quick to set up a trial version that helps us see the initial posture of our security setup as we grow, and then they charge based on the cloud resources.
Sophos Cloud Optix impacts us positively in many ways, particularly in security, which is an important part. It is not just about fixing everything without a clear picture of what we have done to improve security, as there must be a portal explaining our progress, which I really appreciate, and it helps us save time and in optimization for performance and cost.
While I have not seen much for cost optimization as we have another great tool for it, Sophos Cloud Optix aids us to set up our infrastructure appropriately, making sure databases are in a private network, and if systems are wrongly set up, it helps us quickly mitigate those issues and provides a report indicating the problem.
I am really impressed with the way Sophos Cloud Optix provides its features, so I am not sure about any specific improvements needed.
I am really satisfied about the reports Sophos Cloud Optix generates, provided in a PDF format which is very useful for our recording purposes.
What needs improvement?
I believe there can be improvements in the logging mechanism, with more detailed information available about systems or network logs being beneficial.
For how long have I used the solution?
I started using Sophos Cloud Optix for the first time three or four years back when I was working in a small fintech company.
What do I think about the scalability of the solution?
I believe Sophos Cloud Optix is very scalable, as it automatically detects new resources in the cloud environment as it grows.
How are customer service and support?
I have not connected with Sophos Cloud Optix customer support yet, but I had a bad experience when our AWS cloud got compromised, leading to many resources being provisioned, and while Sophos Cloud Optix identified those resources, the resulting bill from AWS was quite high due to the usage charges, which I tried to investigate with the Sophos team, though I am not sure if they assisted with the refund.
How would you rate customer service and support?
How was the initial setup?
The initial setup process for Sophos Cloud Optix is really easy, just a few clicks, and you should be good to go.
What other advice do I have?
I have not integrated Sophos Cloud Optix with other tools, but I believe there are many integration options available.
The learning curve for new users on my team with Sophos Cloud Optix is not much complicated, though new team members definitely need some training on how to add things together, collect reports, and gather information from the dashboard.
I definitely recommend using Sophos Cloud Optix, even for small customers, as it helps to view the security posture of your infrastructure. I would rate this product 9 out of 10.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Products are much .ore convenient and productive.
What do you like best about the product?
The insight is great. Products are really impressive.
What do you dislike about the product?
Nothing to dislike. All good. I find the product much better
What problems is the product solving and how is that benefiting you?
It's deduction technology is quite impressive and accurate which detects the thread and send a note send notification to inform about the details so that an automation based investigation can be performed to dissol the concern.
Sophos Cloud Optix is superb for auto-remediation of security incidents in our CloudFormation stacks
What do you like best about the product?
Sophos Cloud Optix is exceptional when it comes to infrastructure visibility, cloud resources inventory management and identifying potential security & compliance risks.
Its platform support for auto-discovery across multiple cloud environments is great & we obtain well-rounded insights from its intuitive dashboard.
Its cloud gap analytics aids us to pinpoint operational inefficiencies & ensures that we are properly aligned with client specifications & compliance standards.
After our EC2 instance deployments, we need to continuously monitor for misconfigurations and vulnerabilities in its security posture. Sophos Cloud Optix provides comprehensive visibility which helps us validate our configurations effectively.
What do you dislike about the product?
We utilize Sophos Cloud Optix platform for many of our AWS services management namely EC2, S3, RDS , IAM and CloudFormation.
For preventing unauthorized access and to enforce limited resource privileges, we manage our IAM users, roles and policies through the visibility offered in its dashboard.
Implementing an unified policy management utility is made simple thanks to its seamless integration with our AWS resources.
Overall, we are satisfied with the implementation & the governance features offered by Sophos Cloud Optix for our infrastructure management & cost optimization procurements.
What problems is the product solving and how is that benefiting you?
Recently, we did the analysis of our AWS CloudFormation templates with the help of Sophos Cloud Optix for config errors validation before deployment.
It actively tracks the changes made to any AWS resource in our infrastructure & offers real-time visibility into its security posture information.
Whenever there is any security issues/compliance violations in our CloudFormation stack deployment, Sophos Cloud Optix provides efficient auto-remidiation actions for enforcing compliance standards with our customer security policies.
We can also easily identify idle/unused resources that were deployed from CloudFormation stack. By deleting those stacks, we improve our resource allocation efficiency and minimize cloud expenditures.
With the insights provided by Sophos Cloud Optix, we can comprehend the relationships between the resources deployed via CloudFormation template thereby, prevent infrastructure changes that may potentially impact our production due to misconfiguration in their resource dependencies.
The highly commendable threat detection capabilities and other features of of Sophos Cloud Optix.
What do you like best about the product?
How the product identifies security gaps and vulnerabilities within cloud environments. Moreover, Sophos Cloud Optix empowers organizations to proactively address potential weaknesses and strengthen their overall security posture.
What do you dislike about the product?
Experiencing false positives and false negatives in the alerting and detecting of the threats. This may cause false alarms to users and question the product's credibility in the future.
What problems is the product solving and how is that benefiting you?
One of the problems Sophos Cloud Optix helps me solve is to conduct ongoing risk assessments; the platform identifies security gaps and vulnerabilities within cloud environments.
Advance Threat Protection & Response Package for our AWS VPC & workload protection is exceptional
What do you like best about the product?
* Sophos Cloud Optix enhances the visibility & transparency of our compliance role standards in our enterprise.
* Onboarding different team members for our infrastructure deployments in AWS is easy since its cloud security brings all insights under a single panel.
* Anomaly detection & vulnerability assessments for our AWS environment is top-notch, offering excellent mitigation recommendations & best practices.
What do you dislike about the product?
* Comprehension of its framework and extensive functionalities is quite challenging when you're new to its platform.
* It requires extensive levels of hands-on expertise and technical knowledge, which can be gained from going through their documentation & knowledge base,
* Once we get familiar with its platform, we can efficiently implement various cloud security approaches to incorporate all our needs under one roof.
What problems is the product solving and how is that benefiting you?
* Sophos Cloud Optix seamlessly integrates with our AWS security services to enhance protection against the latest threats.
* It effectively detects & blocks malware through its in-built threat attribute classifier.
* All malicious encryption approaches which might potentially be part of ransomware attacks are also prevented from getting involved with our environments.
* Various features such as threat protection, vulnerability management, security monitoring & response solutions are stacked well as a package. These services are excellent to layer up our cloud security for our AWS VPC and cloud workload protection.
Secure Cloud Management with Sophos
What do you like best about the product?
The best feature of Sophos is the level of visibility provided into our AWS assets. We found the platform to be a valuable tool for managing our cloud security with features like real time monitoring and easy-to-use interface. Once we could detect an unauthorized user attempting to access our iDaaS and take action ASAP.
What do you dislike about the product?
We would have liked it to be more extendable and customizable to cater the requirements of our iDaaS customers. Additionally, the learning curve is steeper for a first time user of Sophos Cloud Optix
What problems is the product solving and how is that benefiting you?
Sophos Cloud Optix provides deep visibility into our cloud environment, allowing to identify potential risks and vulnerabilities before they become a disaster. It also simplifies the process of securing our entire AWS by providing a single interface .
Very convenient and user friendly. Easy to use
What do you like best about the product?
Detects and fixes security threats and vulnerabilities in the Cloud, shows network traffic
What do you dislike about the product?
It doesn't add agents seamless. Would be good if it could add agents by integrating with AD.
What problems is the product solving and how is that benefiting you?
The threat detection is pretty cool!
Programming Control center like this is perfect for little and medium-sized projects.
What do you like best about the product?
Gadget and danger the board is straight forward. Strategies consider granular control of endpoints. Exhaustive danger examination and revealing. There is a legitimate Programming interface. Endpoint specialist establishment is programmed and handily remembered for framework arrangements.
What do you dislike about the product?
The electronic GUI for Sophos Focal can be challenging to explore. Bogus cautions can at times be created for endpoints when the Sophos Specialist on the client is refreshing or on the other hand on the off chance that there was a correspondence issue. Realtime checking on clients can cause execution issues is a few cases except if explicit rejections are set.
What problems is the product solving and how is that benefiting you?
The item assists me with "robotized episode reaction". Gives a caution consequently on episodes, for example, malware identification. Furthermore, it likewise makes network protection simpler and more compelling. You can show three sorts of alarms: high, medium, and low.
Featurefull of cloud security solution.
What do you like best about the product?
There many useful features present in SCO for cloud security. Ease of use and integration is what we want more from them. More stable product and gives better scalable solutions. their customer support is much better than many of the services. Even the support is provided while deploying the agent and the policies.
What do you dislike about the product?
As I have said earlier we need more user friendly and ease to use dashboard. Except that everything is better and no more changes that I'll ask for.
What problems is the product solving and how is that benefiting you?
Scanning the IAAS. In addition to that it helps to monitor with details.
VPC Inventory Management for our AWS Platform with Sophos Cloud Optix
What do you like best about the product?
Sophos Cloud Optix provides exceptional visibility for our multi-cloud platforms such as AWS, GCP, and Azure. We are capable of deducing our potential security risk factors, access privilege policies, and anomaly detection in its intuitive dashboard. It acts as a centralized cloud platform management utility that tracks our cloud services and gives suitable recommendations to improve performance and optimize resource utilization costs which is the best feature of Cloud Optix.
What do you dislike about the product?
Sophos Cloud Optix almost has all the features required to complete my requirements in our AWS, GCP, and Azure cloud platforms. Its compatibility with stack integration and security features to avoid customer data breaches is very reliable. There are no dislikes in my perspective about it.
What problems is the product solving and how is that benefiting you?
Primarily we utilize Sophos Cloud Optix for our VPC Inventory management in the AWS environment. It effectively tracks all our network compliances, and we can also search for a particular string or a line from all the environment configurations. By overviewing our Access Control List present in Cloud Optix, real-time NACL requests and security group updates on multiple AWS regions are made simple.
