Skip to content

Page permalink

Always use the following permalink when referencing this page. It will remain unchanged in future help versions.

https://docs.sophos.com/central/mdr/help/en-us/index.html?contextId=MDRService

Sophos MDR Essentials Service Tier

Sophos MDR Essentials is for organizations that have already made investments into a security team within their organization who can manage incident response themselves. It is a 24/7, fully managed detection and response service that can offer the benefits of our top-rated endpoint protection or alternatively can provide support for already installed third-party endpoint protection products. We focus on containing threats, and escalating high priority cases but with Sophos MDR Essentials, you carry out the full incident response and threat neutralization.

Support for Third-Party Endpoints

Sophos MDR Essentials is compatible with third-party endpoint protection products for organizations unable to replace their existing, non-Sophos endpoint protection platform but that are still interested in benefiting from our endpoint detection, investigation, and response capabilities. In this case, Sophos MDR agents run in a detection and response-only mode (no protection actions) alongside the third-party endpoint protection platforms.

Threat Response

With the MDR Essentials service tier, if an active incident occurs, the MDR Ops team offers threat containment and response. MDR Ops will work to stop the attack, preventing spread, but will give you guidance on how to neutralize it yourself. If you are seeking incident response services, you may contact our Sophos Incident Response Team.