Additional Measures

SophosLabs Isolation

Given the nature of the highly proprietary research, development, and daily operations within SophosLabs (such as investigating the latest malicious threats and development of machine learning models), SophosLabs is separated from other networks to minimize the the possibility of breaches. Additionally, all malware execution, analysis, and research is performed on separate, isolated systems to prevent infection. These isolation efforts ensure Sophos Central development is not exposed to risk.

Responsible Disclosure and Bug Bounty Programs

Sophos has a strong presence in the independent researcher community and runs a bug bounty program to reward researchers for their findings. Full details can be found in the Sophos Responsible Disclosure Policy: as well as our BugCrowd page:

Naked Security

Naked Security is Sophos’ award-winning security news blog that provides news, opinion, advice and research on computer security issues and the latest internet threats.

Our journalists and researchers provide another valuable avenue for insights and suggested improvements to our engineering efforts of Sophos Central.