Sophos Monitoring

1. Sophos Managed Threat Response
2. Sophos Monitoring
3. Sophos Endpoint Monitoring

Sophos Group plc is a British security software and hardware company. Sophos develops products for communication endpoint, encryption, network security, email security, mobile security and unified threat management. Sophos is primarily focused on providing security software to 100- to 5,000-seat organizations. While not a primary focus, Sophos also protects home users, through free and paid antivirus solutions (Sophos Home/Home Premium) intended to demonstrate product functionality. It was listed on the London Stock Exchange until it was acquired by Thoma Bravo in February 2020.

Sophos stops everything malicious and provides us with alerts, so we can respond quickly—and that’s worth its weight in gold.” Cliff Hogan, CIO, D4C Dental Brands Switching to Sophos Central was a simple transition and 80% of the work was carried out within just one week.” Andy Bone, Head of IT, NAHT. Behavior monitoring As part of on-access scanning, Sophos Behavior Monitoring protects Windows computers from unidentified or 'zero-day' threats and suspicious behavior. Run-time detection can intercept threats that cannot be detected before execution. Sophos Proactive Monitoring Proactive Monitoring is a service that can be provided by Sophos to continuously monitor the system health and status of your appliance. If there is ever a need to do so, Sophos will contact you and advise you about what action may need to be taken to ensure the continued smooth functioning of your appliance.

History[edit]

Sophos was founded by Jan Hruska and Peter Lammer and began producing its first antivirus and encryption products in 1985.^[2] During the late 1980s and into the 1990s, Sophos primarily developed and sold a range of security technologies in the UK, including encryption tools available for most users (private or business). In the late 1990s, Sophos concentrated its efforts on the development and sale of antivirus technology, and embarked on a program of international expansion.^[3]

In 2003, Sophos acquired ActiveState, a North American software company that developed anti-spam software. At that time viruses were being spread primarily through email spam and this allowed Sophos to produce a combined anti-spam and antivirus solution.^[4] In 2006, Peter Gyenes and Steve Munford were named chairman and CEO of Sophos, respectively. Jan Hruska and Peter Lammer remain as members of the board of directors.^[5] In 2010, the majority interest of Sophos was sold to Apax.^[6] In 2010, Nick Bray, formerly Group CFO at Micro Focus International, was named CFO of Sophos.^[7]

Sophos Managed Threat Response

In 2011, Utimaco Safeware AG (acquired by Sophos in 2008–9) were accused of supplying data monitoring and tracking software to partners that have sold to governments such as Syria: Sophos issued a statement of apology and confirmed that they had suspended their relationship with the partners in question and launched an investigation.^[8][9] In 2012, Kris Hagerman, formerly CEO at Corel Corporation, was named CEO of Sophos and joined the company's board. Former CEO Steve Munford became non-executive chairman of the board.^[10] In February 2014, Sophos announced that it had acquired Cyberoam Technologies, a provider of network security products.^[11] In June 2015, Sophos announced plans to raise $US100 million on the London Stock Exchange.^[12] Sophos was floated on the FTSE in September 2015.^[13]

On 14 October 2019 Sophos announced that Thoma Bravo, a US-based private equity firm, made an offer to acquire Sophos for US$7.40 per share, representing an enterprise value of approximately $3.9 billion. The board of directors of Sophos stated their intention to unanimously recommend the offer to the company's shareholders.^[14] On 2 March 2020 Sophos announced the completion of the acquisition.^[15]

Acquisitions and partnerships[edit]

From September 2003 to February 2006, Sophos served as the parent company of ActiveState, a developer of programming tools for dynamic programming languages: in February 2006, ActiveState became an independent company when it was sold to Vancouver-based venture capitalist firm Pender Financial.^[16] In 2007, Sophos acquired ENDFORCE, a company based in Ohio, United States, which developed and sold security policy compliance and Network Access Control (NAC) software.^[17][18] In November 2016, Sophos acquired Barricade, a pioneering start-up with a powerful behavior-based analytics engine built on machine learning techniques,^[19] to strengthen synchronized security capabilities and next-generation network and endpoint protection. In February 2017, Sophos acquired Invincea, a software company that provides malware threat detection, prevention, and pre-breach forensic intelligence.^[20][21][22]

In March 2020, Thoma Bravo acquired Sophos for $3.9 billion.^[23]

See also[edit]

References[edit]

1. ^ ^abcd'Annual Report 2018'(PDF). Sophos. Retrieved 20 March 2019.
2. ^'Sophos: the early years'. Naked Security.
3. ^'Exterminator Tools'. Windows IT Pro. 15 November 1999. Retrieved 24 April 2017.
4. ^'Sophos acquires anti-spam specialist ActiveState'. www.sophos.com. Retrieved 3 January 2016.
5. ^'Sophos Management Team | Global Leaders in IT Security'. sophos.com.
6. ^'Apax Partners to acquire majority stake in Sophos'.
7. ^'Board of Directors'.
8. ^'The Bureau Investigates article'. Archived from the original on 4 December 2011.
9. ^'Statement from Sophos on Recent Media Reports'.
10. ^'Sophos Board of Directors webpage'.
11. ^'Sophos Acquires Cyberoam to Boost Layered Defense Portfolio'. Infosecurity Magazine.
12. ^'Sophos Plans $100 Million London IPO'.
13. ^'Sophos joins the UK's top public companies in the FTSE 250'.
14. ^'Sophos founders exit before Thoma Bravo sale'. Global Capital. 5 December 2019. Retrieved 25 February 2020.
15. ^'Sophos opens new chapter with take-private acquisition'.
16. ^'ActiveState Acquired by Employees and Pender Financial Group; Company Renews Focus on Tools and Solutions for Dynamic Languages'. Business Wire. 22 February 2006. Retrieved 24 April 2017.
17. ^'Sophos buys Endforce for network access control'. Network World. 11 January 2007. Retrieved 24 April 2017.
18. ^Wauters, Robin. 'Sophos beefs up on online security, acquires Dutch security software firm SurfRight for $31.8 million'. Retrieved 2 August 2016.
19. ^https://www.sophos.com/en-us/press-office/press-releases/2016/11/sophos-acquires-security-analytics-start-up-in-ireland.aspx
20. ^'Sophos Adds Advanced Machine Learning to Its Next-Generation Endpoint Protection Portfolio with Acquisition of Invincea'. Sophos. 8 February 2017. Retrieved 11 February 2017.
21. ^'Sophos grows anti-malware ensemble with Invincea'. Sophos. 8 February 2017. Retrieved 11 February 2017. One may ask, if you already have great next-generation technology, why do you need Invincea’s technology?...Think of Invincea as the superhero that takes our ensemble to the next level – the entity that adds neural network-based machine learning to the team.
22. ^'Sophos to Acquire Invincea to Add Industry Leading Machine Learning to its Next Generation Endpoint Protection Portfolio'. Invincea. 8 February 2017. Retrieved 11 February 2017.
23. ^'Thoma Bravo completes $3.9B Sophos acquisition'. TechCrunch. Retrieved 7 April 2020.

External links[edit]

As part of on-access scanning, Sophos Behavior Monitoring protects Windows computers from unidentified or 'zero-day' threats and suspicious behavior.

Run-time detection can intercept threats that cannot be detected before execution. Behavior monitoring uses the following run-time detection methods to intercept threats:

• Malicious and suspicious behavior detection
• Malicious traffic detection
• Buffer overflow detection

Sophos Monitoring

Malicious and suspicious behavior detection

Suspicious behavior detection uses Sophos's Host Intrusion Prevention System (HIPS) to dynamically analyze the behavior of all programs running on the computer to detect and block activity that appears to be malicious. Suspicious behavior may include changes to the registry that could allow a virus to run automatically when the computer is restarted.

Sophos Endpoint Monitoring

Suspicious behavior detection watches all system processes for signs of active malware, such as suspicious writes to the registry or file copy actions. It can be set to warn the administrator and/or block the process.

Malicious behavior detection dynamically analyzes all programs running on the computer to detect and block activity that is known to be malicious.

Malicious traffic detection

Malicious traffic detection detects communications between endpoint computers and command and control servers involved in botnet or other malware attacks.

Buffer overflow detection

Buffer overflow detection is important for dealing with zero-day exploits.

It dynamically analyzes the behavior of programs running on the system in order to detect when an attempt is made to exploit a running process using buffer overflow techniques. It will catch attacks targeting security vulnerabilities in both operating system software and applications.