Sophos unveils server protection with deep learning technology

Sophos announced Intercept X for Server, its next-generation server protection with predictive deep learning technology, which provides constantly evolving security against cyber threats. An attack on servers can be more devastating to a business than attacks on endpoints because of the critical data servers hold.

“Servers are the bullseye for cybercriminals because they store valuable information and have a broader, system-wide organizational purpose than individual endpoints. An entire company could get potentially wiped out if cybercriminals infiltrate its servers with ransomware or malicious code, or exploit vulnerabilities to gain access. Once breached, attackers can get deep in the network and have the ability to do some serious damage, as well as exfiltrate data,” said Dan Schiappa, senior vice president and general manager of products at Sophos.

“Servers are critical infrastructure, but they are often overlooked in the endpoint strategy of many companies. It’s not enough to simply install traditional endpoint protection on servers because they demand additional tools and features. Server-specific protection is necessary to a successful layered security strategy to reduce the risk of a data breach. Combined with Sophos’ Synchronized Security intelligence sharing and easy management from our Sophos Central dashboard, Intercept X for Server is a powerful addition that helps defend businesses from becoming the next victim.”

Sophos' new Intercept X for Server significantly advances server protection with deep learning, anti-exploit and other key technology elements. Key features include:

Deep Learning Neural Network
-Leverages the deep neural network from Intercept X to detect new and previously unseen malware and unwanted applications
-Once deployed, the model constantly updates and identifies critical attributes resulting in more accurate decisions between benign and malware payloads

Active Adversary Mitigation
-Blocks determined cybercriminals and persistent techniques commonly used to evade traditional anti-virus protection
-Credential Theft Protection prevents theft of authentication passwords from memory, registries and local storage
-Code Cave Utilization detects the presence of malicious code deployed into legitimate applications

Exploit Protection
-Prevents an attacker from leveraging known vulnerabilities
-Protects against browser, plugin or Java-based exploit kits even if servers are not fully patched

Master Boot-Record Protection
-WipeGuard expands upon Intercept X anti-ransomware technology and prevents ransomware variants or malicious code that target the Master Boot-Record

Root Cause Analysis
-Detection and incident response technology provides forensic detail of how the attack got in, where it went, and what it touched
-Provides recommendations on what to do next after an analysis of the attack

Cloud Workload Discovery for Server
-Discovers and protects servers running on the public cloud, including Microsoft Azure and Amazon Web Services
-Prevents risk exposure from rogue IT or forgotten assets