Sophos Unleashes X-Ops Team to Improve Organizations' Cyber Defenses

X-Ops combines three of Sophos' top capabilities.

Edward Gately, Senior News Editor

July 20, 2022

3 Min Read
Cybersecurity superheroes

Sophos has unveiled its new X-Ops team, connecting SophosLabs, Sophos SecOps and Sophos Artificial Intelligence (AI), to help organizations better defend against cyberattacks.

Sophos X-Ops leverages the predictive, real-time, real-world and researched threat intelligence from each group. They’re collaborating to deliver stronger, more innovative protection, detection and response capabilities.

The Sophos X-Ops team includes:

  • The threat response team, who disrupt active adversaries to prevent ransomware and other attacks, and evict and lock out cybercriminals.

  • The labs team, including more than 250 researchers around the world who detect and investigate new malware in the wild to defeat attackers.

  • The AI team to develop and implement detections faster.

Sophos’ X-Ops team also provides a stronger cross-operational foundation for innovation. By intertwining the expertise of each group, Sophos is pursuing the concept of an AI-assisted security operations center (SOC). It anticipates the intentions of security analysts and provides relevant defensive actions. Sophos believes this will accelerate security workflows, and the ability to more quickly detect and respond to indicators of compromise.

Reaffirming Partners’ Confidence

Joe Levy is Sophos’ CTO.


Sophos’ Joe Levy

“The incentives of Sophos and our partners are perfectly aligned,” he said. “We want to deliver better cybersecurity outcomes to our customers, and do it while optimizing ROI on cybersecurity spend. We believe that we have a better approach to achieving those goals because Sophos X-Ops is the right model for producing threat intelligence, operationalizing it in tight coordination with our product and platform teams, and that it’s differentiated in its composition and scale. Sophos X-Ops should reaffirm our partners’ confidence that we are the best choice of brand to align with for better cybersecurity outcomes for their customers.”

The three groups that make up Sophos X-Ops have been collaborating behind the scenes for some time, Levy said. X-Ops has more than 500 specialized experts worldwide. That includes software developers, automation engineers, malware analysts, reverse engineers, cloud infrastructure engineers, incident responders, data engineers and scientists, and numerous others.

“We’ve reached a point in the industry where attacks have become too frequent and too complex for organizations of any size to battle on their own,” he said. “They need support from partners who are aligned with cybersecurity leaders like Sophos that can provide breadth of expertise in a highly-coordinated fashion. With Sophos X-Ops, threat information flows faster for stronger, more impactful defenses.”

Leaving the Competition Behind

X-Ops furthers Sophos’ position as a “cybersecurity leader” among large industry players that have threat intelligence units, Levy said.

“Additionally, Sophos X-Ops outperforms operations that provide partial components of, for example, threat hunting and analysis,” he said. “The difference is that Sophos X-Ops has more than 500,000 customers worldwide. Sophos’ surface area from telemetry is massive and more diverse. Sophos also provides remediation, which other companies don’t, and remediation is a key component to an effective managed detection and response service. Many businesses, especially those in the sub-1,000 range, need help managing the lifecycle of a cyberattack, from detection, through neutralization, to operationally getting back on their feet. Existing and new Sophos partners can immediately leverage this competitive edge, and ultimately, provide better protection for customers.”

Want to contact the author directly about this story? Have ideas for a follow-up article? Email Edward Gately or connect with him on LinkedIn.

Read more about:


About the Author(s)

Edward Gately

Senior News Editor, Channel Futures

As news editor, Edward Gately covers cybersecurity, new channel programs and program changes, M&A and other IT channel trends. Prior to Informa, he spent 26 years as a newspaper journalist in Texas, Louisiana and Arizona.

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like