Skip to content

Sophos MDR Service Tiers

Sophos offers 2 MDR service tiers, Sophos MDR Essentials and Sophos MDR Complete, that include the following:

90 days of data storage

Standard data storage for devices is 90 days. One-year extended data storage is available as an add-on license for customers that want or need data to be retained for longer periods. The extended data storage license can be added to your subscription at any time.

Integration with Sophos Native and Third-Party Security Solutions

Sophos MDR Essentials and MDR Complete support integrations with all Sophos solutions - cloud, email and firewall - as well as a wide range of third-party security solutions, giving you the ability to leverage your existing investments in firewall, public cloud, email, identity and network products and provide the MDR Ops team additional visibility across your estate for deeper detection context.

  • Third-Party Integration Packs

    Sophos integration pack licenses are required for third-party firewall, network, email, cloud, and identity and are priced based on numbers of users per pack. These licenses can be added to your subscription at any time and allow you to get greater return on your existing security investments.

  • Sophos Network Detection and Response (NDR)

    For an additional license fee, the Sophos NDR solution monitors network activity inside your estate, between devices, that is otherwise beyond the view of your traditional endpoints. See more information on requirements and installation.

  • Microsoft Solutions

    At no additional cost, both Sophos MDR Essentials and MDR Complete support Microsoft O365 Audit Logs and the Microsoft Graph Security API so there can be visibility into your Microsoft Azure and Defender alerts and the MDR Ops team can correlate them with other activity.

    Support is dependent on your Microsoft product subscriptions. See more information on Microsoft Graph Security and O365 Audit Logs.

Service Level Targets

We have established Service Level Targets (SLTs) to ensure we are meeting your expectations and providing the best security service to protect your business. Our SLTs are designed to provide guidelines around timing expectations for case creation and response actions resulting from investigations.

Target time for Case creation 2 minutes from Detection
Target time for initial Response Action 30 minutes from Case creation

Monthly Sophos ThreatCast

Wondering how we’re keeping you safe? Join us for the monthly Sophos MDR ThreatCast.

Each month, we will deliver unique insights into the current threat landscape, observed threat activity, and threat hunts conducted across Sophos MDR customer environments. Sophos Intelligence Analysts and Researchers will give you first-hand knowledge of what our MDR analysts have been working on and how they have been protecting your organization.

More information about these services is available on our Legal page.