The MDR services Sophos acquired with Rook Security on Monday will be integrated with the DarkBytes platform acquired earlier, and Sophos’ own EDR offerings, and made available for MSPs without deep security experience and SOCs to resell.
Kendra Krause, Vice President of Global Channels at Sophos
On Monday, Sophos announced their second managed detection and response [MDR] acquisition in 2019. Rook Security, an Indianapolis-based provider of MDR services joins DarkBytes, acquired in January as the foundation of what will become a Sophos MDR portfolio. While that portfolio will ultimately include sophisticated offerings for MSSP partners, the plan for the rest of this fiscal year is to roll out MDR services which Sophos MSP partners with less security experience will be able to resell.
The plan with the Rook acquisition was to acquire an MDR company with a strong services and support capability, whose services could be delivered on the DarkBytes platform. Rook, which has been in business since 2008, fit the bill.
“We had looked at a lot of different companies,” said Kendra Krause, Vice President of Global Channels at Sophos. “They have a 24/7 managed services capability, with all resources being local. They have an incredible talented team cyberthreat hunters and incident response experts. We really liked how they supported their customers. They had the same vision as Sophos has, which makes it easy to integrate all of their capabilities into Sophos.”
While DarkBytes also had begun to build out a services capability, the main attraction there to Sophos was the architectural sophistication of the platform, and its capability to deliver SOC services to organizations of all sizes.
- Find out what considerations to make when choosing an MDR service so you can make the most informed choice!
- Sophos MTR provides 24/7 threat hunting, detection, and response capabilities delivered by an expert team as a fully-managed service. Beyond simply notifying you of attacks or suspicious behaviors, the Sophos MTR team takes targeted actions on your behalf to neutralize even the most sophisticated and complex threats.
“DarkBytes is the tech platform that we will use to provide the services,” Krause said. “Rook brings the SOC and the engineers who will provide the 24/7 support.”
Sophos Edr Service
Sophos Central Endpoint: Installer command line options for Windows and Mac KB-000036839 02 3, 2021 32 people found this article helpful. Other managed detection and response (MDR) services simply notify you of attacks or suspicious events. Then it’s up to you to manage things from there. With Sophos MTR, your organization is backed by an elite team of threat hunters and response experts who take targeted actions on your behalf to neutralize even the most sophisticated threats. Cynet – Best XDR Solution Provider. Best for small to large businesses. Cynet Pricing: Cynet offers a.
Sophos also plans to align its existing synchronized security technology and product – its Sophos Intercept X Advanced with EDR – with Rook Security’s 24/7 services for MDR customers. Rook Security experts will also be able to review these customer security postures to ensure optimal policy configurations for Sophos products. The Intercept X Advanced solution will also be required for the MDR services.
“The Rook MDR services will support the Intercept X Advanced with EDR,” Krause said. “The MDR services will work together with the Intercept Advance X with EDR. So a customer will need one to get the other, or can buy them together.”
Partners who want to resell the MDR services obviously need to have the EDR capability as well.
Sophos Mtr Cost
“The EDR is the platform,” Krause said. “You need that to be able to see what’s going on in the networking.”
The good news here though for Sophos partners is that any MSP will be able to resell these services, not just ones with SOCs or deep security experience.
“This is why our channel loves this product,” Krause said. “No matter what services a partner offers today, they will be able to resell these services. Our MSPs are ecstatic about this. Most don’t want to invest in a SOC. So they will be able to bundle this in, and we will do the MDR services on the back end.”
The plan is to first bring the MDR capabilities to market through MSPs reselling the service – but there are other plans for next year.
Mr Sophistication Killer
“We will do a lot of sales education to enable MSP partners to resell the service,” Krause said. “We then plan to launch some certification programs for MSSPs who want to be able to offer it themselves, which will include a formal certification process. Look for that likely around the beginning of our next fiscal year [April]. The first priority this year will be enabling reselling MDR.”