Sophos Teams Up with Tenable to Launch New Sophos Managed Risk Service

In response to the ever-evolving landscape of cyber threats, Sophos, a renowned global leader in security solutions, has joined forces with Tenable®, a leading company in Exposure Management, to introduce Sophos Managed Risk. This innovative service aims to provide organisations worldwide with comprehensive vulnerability and attack surface management capabilities to combat cyberattacks effectively.

The collaboration between Sophos and Tenable brings together cutting-edge exposure management technology and expertise in security operations to deliver a holistic solution. Sophos Managed Risk features a dedicated team from Sophos leveraging Tenable's exposure management technology, coupled with the expertise of Sophos Managed Detection and Response (MDR) professionals. This combination ensures attack surface visibility, continuous risk monitoring, vulnerability prioritisation, investigation, and proactive notification to prevent cyberattacks.

The significance of this partnership is underscored by the growing complexity of the modern attack surface, which extends beyond traditional on-premises IT boundaries. Organisations now grapple with managing numerous external and internet-facing assets that may be unpatched or underprotected, leaving them vulnerable to cyber threats. Sophos' Active Adversary Report highlights the urgent need for organisations to address key tasks such as closing exposed Remote Desktop Protocol (RDP) access, enabling multi-factor authentication, and patching vulnerable servers.

These tasks are identified as top entry points in breaches handled by Sophos Incident Response in 2023.The Sophos Managed Risk service addresses these challenges by assessing an organisation's external attack surface, prioritising high-risk exposures, and providing tailored remediation guidance. By identifying vulnerabilities in external assets, devices, and software that are often overlooked, the service helps organisations eliminate blind spots and mitigate potential attacks.

Key benefits of Sophos Managed Risk include advanced External Attack Surface Management (EASM), continuous monitoring, proactive notification of high-risk exposures, and vulnerability prioritisation. By leveraging the Tenable One Exposure Management Platform, the service enables organisations to proactively manage risks, anticipate attacks, and reduce cyber risk effectively.

Sophos Managed Risk represents a significant advancement in cybersecurity, offering organisations a proactive approach to managing vulnerabilities and mitigating cyber threats. By combining Sophos' expertise in security operations with Tenable's exposure management technology, the service equips organisations with the tools and insights needed to safeguard against evolving cyber threats and protect their digital assets.

In the realm of cybersecurity, one of the most daunting challenges organisations face is the daunting task of prioritising and addressing vulnerabilities effectively. This critical aspect of cybersecurity management is often fraught with complexity and can overwhelm security teams tasked with safeguarding digital assets. Craig Robinson, research vice president of Security Services at IDC, highlights the significance of solutions like Sophos Managed Risk in alleviating this burden. By providing guidance on prioritising vulnerabilities and exposure management, such solutions streamline the workload for security teams and enable them to take a more holistic approach to continuous monitoring and threat management.

Sophos Managed Risk represents a significant advancement in cybersecurity services, offering organisations a comprehensive solution to address vulnerabilities and mitigate risks effectively. Available as an extended service with Sophos Managed Detection and Response (MDR), which already protects thousands of organisations globally, Sophos Managed Risk leverages Tenable-certified experts to assess and investigate potential exposure risks. This collaboration ensures that essential information about zero-day vulnerabilities and known risks is shared seamlessly between the Sophos Managed Risk team and Sophos MDR, enabling proactive threat mitigation and response.

Kieron Stone, cybersecurity business development manager at Phoenix Software Ltd., underscores the value of Sophos Managed Risk as a trusted managed service provider (MSP). Stone highlights the service's ability to simplify vulnerability identification, risk assessment, and prioritisation of remediation efforts. For organisations lacking a well-defined vulnerability patching cadence, Sophos Managed Risk serves as an indispensable tool for identifying vulnerabilities and establishing a remediation schedule. Additionally, for organisations already managing vulnerabilities, the service provides an extra layer of assurance, ensuring that no critical vulnerabilities are overlooked.

Regular interaction and engagement with Sophos experts further enhance the value proposition of Sophos Managed Risk for organisations. Scheduled meetings allow for the review of recent discoveries, insights into the current threat landscape, and recommendations for prioritising remediation actions. Moreover, organisations can initiate inquiries directly through the Sophos Central platform, enabling tailored support, access to reports, and review of prioritised alerts.

Brooks Roy, president at Communications Consulting, Inc., emphasises the practical benefits of Sophos Managed Risk for channel partners. By combining Sophos' elite MDR expertise with Tenable's industry-leading exposure management technology, the service provides a comprehensive view of vulnerabilities and actionable guidance to minimise risk. The ability to manage prioritised alerts seamlessly across the customer base via the Sophos Central dashboard further enhances the value proposition for channel partners, empowering them to deliver proactive cybersecurity solutions effectiv

Sophos Managed Risk represents a game-changer in the realm of cybersecurity services, offering organisations a proactive and comprehensive approach to vulnerability management and threat mitigation. By leveraging advanced technology and expertise, Sophos Managed Risk enables organisations to stay ahead of cyber threats and safeguard their digital assets effectively.

Sophos Managed Risk is readily accessible to organisations through a term license model, facilitated by Sophos' extensive network of channel partners and Managed Service Providers (MSPs). This distribution model ensures that organisations of all sizes and industries can leverage the benefits of Sophos Managed Risk to enhance their cybersecurity posture effectively.

Furthermore, Sophos recognises the evolving needs of organisations and the growing demand for flexible cybersecurity solutions. In response to this demand, Sophos plans to introduce a Sophos MSP Flex version of Managed Risk in 2024. This version will offer enhanced flexibility and scalability, allowing MSPs to tailor the service to the unique requirements of their clients. By offering a flexible licensing option, Sophos aims to empower MSPs to deliver tailored cybersecurity solutions that meet the diverse needs of their clientele.

Overall, the availability of Sophos Managed Risk through a term license model and the upcoming introduction of the Sophos MSP Flex version underscore Sophos' commitment to providing accessible, adaptable, and effective cybersecurity solutions to organisations worldwide. Through strategic partnerships with channel partners and MSPs, Sophos ensures that businesses can proactively manage their cyber risks and safeguard their digital assets with confidence.