Sophos ZTNA Uniquely Integrates with Industry-Best, Next-Generation Endpoint Solution – Sophos Intercept X; Improves and Simplifies Cybersecurity Protection Against Ransomware and Other Threats

New Sophos Research into a Midas Ransomware Attack Highlights Impact of Limited Access Controls

OXFORD, U.K.  — 一月 25, 2022 —

Sophos, a global leader in next-generation cybersecurity, today unveiled Sophos ZTNA, the only zero trust network access (ZTNA) offering that fully integrates with an industry-leading, next-generation endpoint solution – Sophos Intercept X – providing advanced endpoint protection and zero trust network access with a single agent. Sophos ZTNA introduces a transparent and scalable security model for connecting users and devices to applications and data, improving and simplifying protection against ransomware and other advanced cybersecurity threats.

Sophos today also published new research, “Windows Services Lay the Groundwork for a Midas Ransomware Attack,” shining light on the importance of ZTNA. The research details how attackers were able to spend nearly two months undetected in a target’s environment, taking advantage of limited access controls and network and application segregation, which would have been better protected with ZTNA. The attackers further leveraged no-longer-used “ghost” remote access tools to move laterally, target and compromise other machines, create new accounts, install back doors, and exfiltrate data, before releasing the Midas ransomware.  

Through its unique integration with Sophos Intercept X, including Sophos Extended Detection and Response (XDR), Sophos Managed Threat Response and other solutions using its technology, Sophos ZTNA removes the complexities of managing multiple vendor products and agents, and provides end-to-end protection for endpoints, users, their identities, and the applications and networks that they connect to. As part of the Sophos Adaptive Cybersecurity Ecosystem, Sophos ZTNA shares real-time threat intelligence with other solutions and automatically responds to threats. Working together, the solutions can better identify active threats and assess device health, so compromised and non-compliant devices can be quickly isolated.

“Many traditional remote access solutions, like remote desktops and IPsec and SSL-VPN, provide strong encryption, but very little else in defense against modern threats. We see attackers increasingly exploiting these limitations, stuffing credentials into RDP and VPNs to gain access to victim networks, and then moving freely once inside, all too often culminating in costly data theft and ransomware incidents,” said Joe Levy, chief technology and product officer at Sophos. “People, applications, devices, and data aren’t constrained to offices anymore – they’re everywhere, and we need more modern ways to secure them. Zero trust is a very effective cybersecurity principle, and ZTNA embodies it in a practical, easy to use way, ensuring that users have secure access to only the resources that they need.”

Sophos ZTNA micro-segments networks to protect against intrusions, lateral movement and data theft. It constantly authenticates user identities with multiple factors, and validates device health, delivering tighter access controls for users and fewer footholds for cybercriminals. Unlike VPNs that provide broad network access, Sophos ZTNA eliminates implied trust and only authorizes user access to specific applications and systems on the network. By trusting nothing and verifying everything, Sophos ZTNA improves protection, simplifies security management for IT managers, and creates a smooth experience for remote workers.

“The future of work will be hybrid, making it imperative that organizations are able to protect remote workers, remote data and remote applications,” said Christopher Rodriguez, research director, Network Security Products at IDC. “By integrating ZTNA with endpoint protection, Sophos ZTNA enables risk-appropriate access to resources from any device, at any time and from any location. Trust is a key factor in business today – one that requires critical security controls to protect against business-impacting events, such as ransomware and data compromise.”

Availability

Sophos ZTNA is available for immediate purchase exclusively through Sophos’ global channel of partners. Partners and customers can easily manage Sophos ZTNA in the cloud-based Sophos Central platform alongside other solutions, where they can oversee installations, respond to alerts, and track licenses and upcoming renewal dates via a single, intuitive interface.

关于 Sophos

Sophos 是全球领先的先进安全解决方案提供商和创新者,全面安全解决方案涵盖托管式侦测与响应 (MDR) 和事件响应服务,以及广泛的端点、网络、电子邮件和云安全技术。作为最大的纯网络安全厂商之一,Sophos 为全球超过 600,000 家企业和超过 1 亿用户提供防御主动攻击对手、勒索软件、网络钓鱼、恶意软件等威胁的保护。Sophos 的服务和产品通过 Sophos Central 管理控制台连接,并得到公司内部的跨领域威胁情报部门 Sophos X-Ops 的支持。Sophos X-Ops 情报优化整个 Sophos Adaptive Cybersecurity Ecosystem 自适应网络安全生态体系,包括一个中央数据湖,为客户、合作伙伴、开发人员和其他网络安全与信息技术供应商提供一组丰富的开放 API。Sophos为需要完全托管的安全解决方案的组织提供网络安全即服务。客户还可以直接利用 Sophos 的安全运行平台管理其网络安全,或者采用混合方法,为内部团队补充 Sophos 服务(包括威胁追踪与修复)。Sophos 通过世界各地的经销商合作伙伴和托管服务供应商 (MSP) 销售。Sophos 总部位于英国牛津。如欲了解更多信息,请访问 www.sophos.com