
Sophos acquires Rook Security to provide managed detection and response

12 Jun 2019

Network and endpoint security company Sophos announced that it has acquired managed detection and response (MDR) services provider Rook Security. 

Rook Security provides a 24/7 team of cyberthreat hunters and incident response experts who monitor, hunt for, analyse and respond to security incidents for businesses of all sizes. The privately-owned company was founded in 2008 and is headquartered in Indianapolis.

Sophos is creating re-sellable MDR services by combining Rook Security’s threat detection, investigation and response capabilities with its recently acquired DarkBytes technology platform.

As a channel-first security provider, Sophos will deliver the new MDR services through its network of approximately 47,000 channel partners worldwide.

“Cybercriminals are relentlessly trying to exploit organisations with techniques ranging from tried-and-true phishing emails to the more recent trend of ‘hacker pen-testing’ to find weaknesses in their surface area.

“As a result, businesses need 24/7 monitoring and management of what is happening on their network, yet many of them do not have the expertise, can’t keep up or don’t have the security teams in-house to optimally configure and manage security around-the-clock,” says Sophos chief technology officer Joe Levy.

“With MDR, Sophos’ channel partners will be able to provide businesses of all sizes with services that continuously detect, hunt for and respond to security incidents.”

In addition, Sophos plans to align its synchronised security technology and product portfolio with Rook Security’s 24/7 services for MDR customers. 

Rook Security experts will also be able to review these customers' security postures to ensure optimal policy configurations for Sophos products across estates.

“Rook Security provides managed detection and response services to detect and eliminate cyber threats. Through threat hunting and data analytics, Rook Security’s experts rapidly detect and mitigate active attacks,” says Rook Security founder and CEO JJ Thompson.

“We are excited to bring our experts and service delivery innovation to Sophos.

“Together, we can implement faster, more effective threat detection and response capabilities to better protect businesses.”

Sophos is releasing no further details at this time.

Earlier this year, Sophos announced its Intercept X for Server with Endpoint Detection and Response (EDR) offering.

The product aims to allow users to proactively detect stealthy attacks, better understand the impact of a security incident and quickly visualise the full attack history.  

“When adversaries break into a network, they head straight for the server. Unfortunately, the mission-critical nature of servers restrains many organisations from making changes, often significantly delaying patch deployment,” Sophos chief product officer Dan Schiappa said.

“Cybercriminals are counting on this window of opportunity. If organisations do fall victim to an attack, they need to know the full context of what devices and servers were hit in order to improve security as well as answer questions based on stricter regulatory laws,” he added.
