Sophos has strengthened its cloud-based analytic capabilities to protect endpoints from malware and malicious websites.
In Sophos Endpoint Security and Data Protection 9.5, Sophos has added what it calls “Live Protection,” a new spin on the company’s approach to the cloud. Rather than sending updates to endpoints from the company’s database of malicious URLs and applications a few times a day, the endpoint now has real-time access and can query the database anytime it sees something suspicious.
According to Sophos, this gives users access to the very latest protections and allows the endpoint to use host-based intrusion prevention (HIPS) without the fear of false positives.
“Basically the computer sees the program as it sees as being suspicious, it can go to our in-the-cloud database and say, ‘I’ve seen this thing, it looks suspicious, what can I do?’” explained Rainer Gawlick, chief marketing officer at Sophos.
To identify malware, the solution now examines files before they execute as well as while they are executing.
The Live Protection technology also extends the Web protection – via the URL filter – to endpoints even if they are not sitting behind the Web appliance, Gawlick said. The Sophos URL database contains more than 11 million malicious URLs, and the solution prevents real-time access to URLs that have been identified as hosting malware.
“In the past, only the Web appliance got the real time URL update so you were only protected if you were surfing the Web from inside the corporate network,” he said. “Now you are protected anywhere you might access the Internet.”
Sophos Endpoint Security and Data Protection 9.5 is slated to ship at the end of June.