Intercept X: Highlights Build Your Next-Gen Endpoint Security


Intercept X

Deep Learning Malware Detection, Exploit Prevention, Anti-Ransomware, Root Cause Analysis, and Sophos Clean

Sophos Intercept X uses the right technique at the right time to stop unknown
threats and deny the attacker. Layer on top of your antivirus or run with Sophos
Endpoint Protection for full stack, next generation protection.

Highlights

• Trained deep learning models detect unseen malware
• Exploit Prevention stops the techniques attackers use to control vulnerable software
• Active Adversary Mitigation prevents persistence on the machine
• Root cause analysis lets you see what the malware did and where it came from
• Sophos Clean removes the malware and the remains it left behind
• Augments your existing antivirus investment

Build Your Next-Gen Endpoint Security

The days of straightforward file scanning are long gone. Your goal is now to prevent threats from reaching your devices, stop them before they run, detect them if they have bypassed preventative methods, and not just clean up malware, but analyze and undo everything it does.

Sophos Intercept X uses multiple layers of technology that co-exist with your antivirus to provide full stack next-generation protection.

Deep Learning Malware Detection

Trained in SophosLabs using deep learning neural networks, Intercept X will detect new and unseen malware files with high accuracy, without signatures. Alternate methods of machine learning often demand that data scientists identify attributes to look for. The resulting model is then limited by the effectiveness of the attribute selection and training data. Deep learning used in Intercept X identifies the important attributes to distinguish between malware and benign files for itself. This, coupled with an extensive training data set provided by SophosLabs, ensures an accurate and effective decision boundary is created between benign and malicious files. This trained model is smaller than 20 MB in size and needs infrequent updates. Back in the cloud, SophosLabs is continuously training the model and monitoring the effectiveness of the decision boundary using new and previously unseen malware samples.

Protect Vulnerable Software
Vulnerabilities show up at an alarming rate. They represent flaws in software and
need to be patched by vendors. New exploit techniques, on the other hand, show up
on average only twice a year and are used over and over again by attackers with each
vulnerability discovered. Exploit Prevention stops the techniques, stopping the attacker
from exploiting the vulnerability before it can be patched.

Effective Ransomware Detection


CryptoGuard technology detects spontaneous malicious data encryption to stop
ransomware in its tracks. Even if trusted files or processes are abused or hijacked,
CryptoGuard will stop and revert them without any interaction from users or IT support
personnel. CryptoGuard works silently at the file system level, keeping track of remote
computers and local processes that attempt to modify your documents and other files.

Root Cause Analysis

Identifying malware and isolating and removing it solves the immediate problem. But do you really know what the malware did before it was removed, or how it was introduced in the first place? Root cause analysis shows you all the events that led up to a detection. You'll be able to understand what files, processes, and registry keys were touched by the malware and activate your advanced system clean to rewind time.

Simplify Management and Deployment

Managing your security from Sophos Central means you no longer have to install or deploy servers to secure your endpoints. Sophos Central provides default policies and recommended configurations to ensure that you get the most effective protection from day one.

Four Steps to Protection

1. Visit sophos.com/intercept-x to start your trial.
2. Create a Sophos Central admin account.
3. Download and install the Intercept X agent.
4. Manage your protection via Sophos Central.

Technical Specifications

Sophos Intercept X supports Windows 7 and above, 32 and 64 bit. It can run alongside Sophos Endpoint Protection Standard or Advanced when managed by Sophos Central. It can also run alongside third party endpoint and antivirus products to add deep learning malware detection, anti-exploit, anti-ransomware, root cause analysis, and Sophos Clean.

Features

EXPLOIT PREVENTION
• Enforce Data Execution Prevention
• Mandatory Address Space Layout Randomization
• Bottom-up ASLR
• Null Page (Null Dereference Protection)
• Heap Spray Allocation
• Dynamic Heap Spray
• Stack Pivot
• Stack Exec (MemProt)
• Stack-based ROP Mitigations (Caller)
• Branch-based ROP Mitigations (Hardware Assisted)
• Structured Exception Handler Overwrite (SEHOP)
• Import Address Table Filtering (IAF)
• Load Library
• Reflective DLL Injection
• Shellcode
• VBScript God Mode
• Wow64
• Syscall
• Hollow Process
• DLL Hijacking
• Squiblydoo Applocker Bypass
• APC Protection (Double Pulsar / AtomBombing)
• Process Privilege Escalation

ACTIVE ADVERSARY MITIGATIONS
• Credential Theft Protection
• Code Cave Mitigation
• Man-in-the-Browser Protection (Safe Browsing)
• Malicious Traffic Detection
• Meterpreter Shell Detection

ANTI-RANSOMWARE
• Ransomware File Protection (CryptoGuard)
• Automatic File Recovery (CryptoGuard)
• Disk and Boot Record Protection (WipeGuard)

APPLICATION LOCKDOWN
• Web Browsers (including HTA)
• Web Browser Plugins
• Java
• Media Applications
• Office Applications

DEEP LEARNING
• Deep Learning Malware Detection
• Deep Learning Potentially Unwanted Applications (PUA) Blocking
• False Positive Suppression
• Live Protection

INVESTIGATE, RESPOND, REMOVE
• Root Cause Analysis
• Sophos Clean
• Synchronized Security Heartbeat

DEPLOYMENT
• Can run as standalone agent
• Can run alongside existing antivirus
• Can run as component of existing Sophos Endpoint agent
• Windows 7
• Windows 8
• Windows 8.1
• Windows 10
• macOS*

* Features supported: CryptoGuard, Malicious Traffic Detection, Synchronized Security Heartbeat, Root Cause Analysis

Already using Sophos Endpoint Protection with Enterprise Console for management? You can manage your endpoints using Sophos Central and enable Intercept X for automatic deployment.

Try it now for free

Register for a free 30-day evaluation at sophos.com/intercept-x.

United Kingdom and Worldwide Sales: Tel: +44 (0)8447 671131, Email: sales@sophos.com
North American Sales: Toll Free: 1-866-866-2802, Email: nasales@sophos.com
Australia and New Zealand Sales: Tel: +61 2 9409 9100, Email: sales@sophos.com.au
Asia Sales: Tel: +65 62244168, Email: salesasia@sophos.com

© Copyright 2017. Sophos Ltd. All rights reserved.


Registered in England and Wales No. 2096520, The Pentagon, Abingdon Science Park, Abingdon, OX14 3YP, UK
Sophos is the registered trademark of Sophos Ltd. All other product and company names mentioned are
trademarks or registered trademarks of their respective owners.

2017-09-10 DS-NA (DD)
