Sophos and its partners will have a "tremendous" competitive advantage with SOC.OS.

Edward Gately, Senior News Editor

April 22, 2022

Sophos to Advance MTR, XDR with SOC.OS Acquisition

Sophos has acquired SOC.OS, which provides a cloud-based security alert investigation and triage automation solution. It will enhance Sophos’ managed threat response (MTR) and extended detection and response (XDR) solutions.

SOC.OS’s solution consolidates and prioritizes high volumes of security alerts from multiple products and platforms across an organization’s estate. It allows security operations teams to quickly understand and respond to the most urgent cases flagged.

SOC.OS launched in 2020 and is a spinout of BAE Systems Digital Intelligence. The company is privately held and based in the United Kingdom.

Sophos didn’t disclose financial details of the acquisition.

Sophos Partners Excited About SOC.OS Acquisition

Joe Levy is Sophos’ chief technology and product officer. He said partners are “very excited” about the acquisition.


“The adoption of Sophos MTR has been outstanding,” he said. “And the top request from partners has been to broaden our detection, protection and response capabilities beyond the Sophos portfolio of endpoint, network and cloud solutions. With SOC.OS, we’ll be able to rapidly expand our Adaptive Cybersecurity Ecosystem to integrate and leverage an organization’s current set of security and IT solutions. With the integration of SOC.OS, we’re increasing addressable market opportunities and improving return on investment for both partners and customers.”


SOC.OS sold directly to customers with no channel partners.

Between 24/7 threat activity, high volumes of security alerts and false positives, and understaffing, organizations need XDR or MTR, plus a solution from SOC.OS that automatically clusters and triages alerts, Sophos said.

“The enhancement that SOC.OS brings is an ability to ingest and operate on data from sources across the customer’s entire IT environment, better exposing the dark corners, and then it further helps to focus and optimize the attention of operators by better organizing and prioritizing those signals,” Levy said. “If security analysts are getting the right signals, getting them earlier, and with the right prioritization and organization, they can reduce the amount of damage and costs incurred by an attacker. We find the SOC.OS does an extraordinary job at this.”

‘Tremendous’ Competitive Advantage

With the SOC.OS acquisition, Sophos and its partners will have a “tremendous” competitive edge, Levy said.

“And this is very exciting for us, the partner community and our customers,” he said. “The acquisition will allow Sophos to expand its security capabilities to further help organizations defend against persistent, consistent and increasingly complex cyberattacks. In a nutshell, SOC.OS will help us to deliver better cybersecurity outcomes.”

Dave Mareels is SOC.OS’s CEO and co-founder.

“Alert fatigue and lack of visibility still plague security teams worldwide,” he said. “Considering this, against the backdrop of constantly changing cyber threats and a challenging talent landscape, defenders need new and innovative products and services that can help them solve more complex incidents in less time. For many defenders, however, the complexity and cost of traditional security solutions act as barriers to adoption. By joining forces with Sophos, we can address these challenges together, head on. The sum is greater than our parts. And by combining our capabilities, we’re positioned to offer truly unique, cost effective and highly accessible products and services to those who need it most, on a global scale.”


About the Author(s)

Edward Gately

Senior News Editor, Channel Futures

As news editor, Edward Gately covers cybersecurity, new channel programs and program changes, M&A and other IT channel trends. Prior to Informa, he spent 26 years as a newspaper journalist in Texas, Louisiana and Arizona.
