Active incidents and Sophos MDR
Sophos Managed Detection and Response is a fully managed service delivered by experts who detect and respond to cyberattacks targeting your computers, servers, networks, cloud workloads, email accounts, and more.
When we identify an active incident, the Sophos MDR operations team will investigate and respond in minutes, whether you need full-scale incident response (exclusive to MDR Complete customers) or help making accurate decisions.
Direct Call-in Support
Your team has direct call-in access to our Security Operations Center (SOC) to review potential threats and active incidents. The Sophos MDR operations team is available 24/7/365 and backed by support teams across 26 locations worldwide.
Threat Containment
Sophos MDR Complete includes full-scale incident response. For organizations that opt for Sophos MDR without full-scale incident response, the Sophos MDR operations team works to stop the attack and prevent it from spreading. The MDR Ops team will also provide guidance on neutralization. This reduces workload for internal security operations teams and enables them to rapidly execute remediation actions.
Services provided by Sophos Support and Sophos MDR
Services provided | Sophos Support | Sophos MDR | Sophos MDR Complete |
---|---|---|---|
“How to” questions for Sophos products | |||
Troubleshooting product issues | |||
Sample file submissions | |||
Product best practice advice | |||
Endpoint installation failures | |||
24/7 expert-led monitoring and response | |||
Weekly and monthly reporting | |||
Monthly intelligence briefing "Sophos MDR ThreatCast" | |||
Sophos Account Health Check | |||
Expert-led threat hunting | |||
Threat containment: threats prevented from spreading | |||
Direct call-in support during incidents | |||
Full-scale incident response: threats fully eliminated | |||
Root Cause Analysis to prevent future recurrence | |||
Dedicated incident response lead | |||