Sophos announces evolution of its security operations portfolio

Issue 6 2025 Information Security

Sophos has announced significant enhancements to its security operations portfolio, already trusted by over 75 000 organisations worldwide via Sophos XDR and Sophos MDR offerings, marking a significant milestone in its integration journey following the acquisition of Secureworks in February 2025.

In the months since the acquisition of Secureworks for $859 million, Sophos has made transformative progress, unifying technologies, expertise, and services from across its expanded organisation to further elevate defences and cybersecurity outcomes for its customers. Demonstrating this momentum, Sophos today launched Sophos Identity Threat Detection and Response (ITDR), the latest in a series of advances that leverage Secureworks capabilities to expand the company’s security operations offerings.

Sophos Identity Threat Detection and Response (ITDR): The newest addition, giving organisations faster visibility into identity risks and providing stronger protection against identity-based attacks.

• Sophos Advisory Services: Announced earlier this month (www.securitysa.com/25812r), providing penetration testing and advanced security assessments informed by Sophos X-Ops intelligence to mitigate cyber risk.

• Integration of threat expertise: The Counter Threat Unit (CTU), integrated through the Secureworks acquisition, has joined Sophos X-Ops, the organisation’s joint task force, uniting multiple specialised teams. This integration expands Sophos’ deep threat expertise with world-class adversary tracking, dark web intelligence, and collaboration with law enforcement and government agencies worldwide. The combined intelligence of Sophos X-Ops powers all Sophos products and services, delivering defence against cyberthreats, including ransomware, state-sponsored attacks, and identity-based intrusions.

• Sophos Endpoint integration with Secureworks Taegis MDR and XDR: Announced in September, Sophos Endpoint is now natively integrated with Taegis MDR and Taegis XDR and automatically included with all subscriptions, delivering unified prevention, detection, and response while reducing complexity and cost.

Together, these advancements strengthen Sophos’ ability to help organisations of all sizes defend against evolving threats by combining advanced technology with trusted human expertise.

“Sophos is redefining what it means to be a trusted security partner,” said Raja Patel, chief product officer, Sophos. “Our strategy is to meet organisations wherever they are in their cybersecurity journey, uniting advanced defences with deep human expertise to outpace adversaries. With global scale, visibility, and the intelligence of Sophos X-Ops, we are delivering stronger outcomes today and ensuring organisations can keep their businesses running securely in the face of tomorrow’s threats.”

Market Expansions

With the launch of Sophos ITDR and the recent introduction of Sophos Advisory Services, the company is further expanding its trusted security operations portfolio. Based on the proven Taegis IDR solution from Secureworks, Sophos ITDR gives organisations faster visibility into identity risks and stronger protection against identity-based attacks, one of the fastest-growing threat vectors globally.

Sophos Advisory Services, informed by Sophos X-Ops threat intelligence and delivered by seasoned cybersecurity experts, provides penetration testing and advanced security assessments to help organisations identify gaps, strengthen defences, and reduce risk. Together, these offerings expand the portfolio of solutions Sophos partners can deliver to customers, while creating new growth opportunities and helping them differentiate their offerings.

Portfolio advances in endpoint security, AI, and MDR

Updated endpoint security portfolio: Includes a simplified Sophos EDR licensing tier, which makes it easier for organisations of all sizes to access enterprise-grade protection, while giving partners streamlined ways to deliver and sell Sophos solutions.

Advances in AI: Including the addition of new security analyst and threat hunting AI assistants that support investigation and proactive hunting workflows in Sophos XDR and MDR. Informed by Sophos MDR analysts’ experience securing more than 35 000 organisations from advanced, human-led threats, Sophos AI assistants help security teams quickly identify risks, enrich investigations with threat intelligence, and take faster remediation actions.

Enhancing XDR and MDR integrations: To accelerate threat detection and response across the whole organisational environment, Sophos is making it easier for customers to connect their IT and cybersecurity technologies with the open Sophos Central platform. Starting in November 2025, all Sophos MDR and Sophos XDR subscriptions include third-party technology integrations spanning endpoint, firewall, network, cloud, email, identity, backup, and productivity solutions, at no additional cost. This enhanced visibility enables analysts to identify, investigate, and neutralise threats faster, while helping customers maximise the return on their existing IT investments.

Every day, Sophos processes 223+ terabytes of telemetry in Sophos Central, generating 34+ million detections and automatically blocking 11+ million threats. This scale of customer insights also ensures that Sophos’ detections are tested and improved to provide continuous protection, while delivering stronger outcomes for organisations worldwide. Together, the new portfolio advances, spanning identity protection, advisory services, endpoint innovation, AI, MDR, and human expertise, exemplify how Sophos is delivering measurable security outcomes at a global scale.

For more information contact Sophos SA, +27 11 444 4000, pieter.nel@sophos.com, www.sophos.com




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

The year of the agent
Information Security AI & Data Analytics
The dominant attack patterns in Q4 2025 included system-prompt extraction attempts, subtle content-safety bypasses, and exploratory probing. Indirect attacks required fewer attempts than direct injections, making untrusted external sources a primary risk vector heading into 2026.

Read more...
AI cybersecurity predictions for 2026
AI & Data Analytics Information Security
The rapid development of AI is reshaping the cybersecurity landscape in 2026, for both individual users and businesses. Large language models (LLMs) are influencing defensive capabilities while simultaneously expanding opportunities for threat actors.

Read more...
SMARTpod Talks to Check Point Technologies about the African Perspectives on Cybersecurity report
SMART Security Solutions News & Events Information Security Videos
SMART Security Solutions spoke with Check Point's Hendrik de Bruin about the report, the risks African organisations face, and some mitigation measures.

Read more...
Securing the smart fleet
Information Security Transport (Industry) Logistics (Industry) IoT & Automation
Contributing around 10 to 12% of South Africa’s GDP, the transport and logistics sector supports almost every part of the country’s economic activity. The stakes for keeping these systems secure are higher than ever before.

Read more...
Who are you?
Access Control & Identity Management Information Security
Who are you? This question may seem strange, but it can only be answered accurately by implementing an Identity and Access Management (IAM) system, a crucial component of any company’s security strategy.

Read more...
Check Point launches African Perspectives on Cybersecurity report
News & Events Information Security
Check Point Software Technologies released its African Perspectives on Cybersecurity Report 2025, revealing a sharp rise in attacks across the continent and a major shift in attacker tactics driven by artificial intelligence

Read more...
What is your ‘real’ security posture?
BlueVision Editor's Choice Information Security Infrastructure AI & Data Analytics
Many businesses operate under the illusion that their security controls, policies, and incident response plans will hold firm when tested by cybercriminals, but does this mean you are really safe?

Read more...
What is your ‘real’ security posture? (Part 2)
BlueVision Editor's Choice Information Security Infrastructure
In the second part of this series of articles from BlueVision, we explore the human element: social engineering and insider threats and how red teaming can expose and remedy them.

Read more...
Cybersecurity operations done right
LanDynamix SMART Security Solutions Technews Publishing Information Security
For smaller companies, the costs associated with acquiring the necessary skills and tools can be very high. So, how can these organisations establish and maintain their security profile amid constant attacks and evolving technology?

Read more...
AI security with AI Cloud Protect
Information Security
AI Cloud Protect is now available for on-premises enterprise deployments to secure AI model development, agentic AI applications, and inference workloads with zero impact on performance.

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd. | All Rights Reserved.