Sophos Partners with Tenable to Launch New Managed Risk Service

Cybersecurity leader Sophos on Thursday announced a strategic partnership with Tenable, the Exposure Management company, to provide Sophos Managed Risk, a worldwide vulnerability and attack surface management service.

The new service features a dedicated Sophos team that leverages Tenable’s exposure management technology and collaborates with the security operations experts from Sophos Managed Detection and Response [MDR] to provide attack surface visibility, continuous risk monitoring, vulnerability prioritization, investigation, and proactive notification designed to prevent cyberattacks. 

The modern attack surface has expanded beyond traditional on-premises IT boundaries, with organizations operating frequently unknown numbers of external and internet-facing assets that are unpatched or under protected, leaving them vulnerable to cyberattackers. This is evident in the newest Sophos Active Adversary Report, also released today, which identifies three tasks that organizations must prioritize to minimize the risk of brazen intrusions that lead to ransomware or other types of attacks. These include closing exposed Remote Desktop Protocol [RDP] access, enabling multi-factor authorization and patching vulnerable servers, all of which were top entry points in breaches handled by Sophos Incident Response in 2023.

The Sophos Managed Risk service can assess an organization’s external attack surface, prioritize the riskiest exposures, such as open RDP, and provide tailored remediation guidance to help eliminate blind spots and stay ahead of potentially devastating attacks.

“Sophos and Tenable are two industry security leaders coming together to address urgent, pervasive security challenges that organizations continuously struggle to control. We can now help organizations identify and prioritize the remediation of vulnerabilities in external assets, devices and software that are often overlooked.” said Rob Harrison, senior vice president for endpoint and security operations product management at Sophos.

”It is critical that organizations manage these exposure risks, because unattended, they only lead to more costly and time-consuming issues and are often the root causes of significant breaches,” he added. 

Specific key benefits of Sophos Managed Risk include External Attack Surface Management (EASM), Continuous monitoring and proactive notification of high-risk exposures and Vulnerability prioritization and identification of new risks

“While the latest zero day may dominate the headlines, the biggest threat to organizations, by a large margin, is still known vulnerabilities – or vulnerabilities for which patches are readily available,” said Greg Goetz, vice president of global strategic partners and MSSP, Tenable.

“A winning approach includes risk-based prioritization with context-driven analytics to proactively address exposures before they become a problem. Sophos Managed Risk, powered by the Tenable One Exposure Management Platform, delivers outsourced preventive risk management, enabling organizations to anticipate attacks and reduce cyber risk.”

Sophos Managed Risk is available with a term license through Sophos’ global network of channel partners and Managed Service Providers [MSPs]. A Sophos MSP Flex version will be available in 2024.

Follow us on Telegram, Twitter, and Facebook, or subscribe to our weekly newsletter to ensure you don’t miss out on any future updates. Send tips to info@techtrendske.co.ke.