Whatever we’d like to say about today’s adversaries, it’s impossible to say they’re not innovative. The attackers are always moving and evolving, creating new strains of malware to get around defenses, using sophisticated techniques and automated tools that make their malicious code hard-to-detect and impossible to ignore.
Staying ahead of advanced threats means we in the IT security business need to be constantly innovating and evolving too. At Sophos, our engineers are always working to develop the next-generation technology that makes us leaders in the industry. And sometimes, we go out and acquire companies that have technologies that complement our own and help us create even better products.
We have been on a mission to build or buy the very best next-gen endpoint security products in the world. Price is no object. And after an extensive search, we found that a small company in the Netherlands called SurfRight actually had the very best technology that mapped to our desire for industry leading, next-gen endpoint protection.
I’m truly excited that by acquiring SurfRight, an innovator in signature-less endpoint threat detection and response (ETDR) and advanced threat prevention, we’re getting cutting edge capabilities that will make our next-gen endpoint solution a class above the rest of the market.
So, what’s so innovative about SurfRight’s approach to zero-day attacks and advanced threats?
SurfRight’s real time anti-exploit technology focuses on detecting and preventing the memory manipulations and abuses that allow malicious code to run in the first place. Generic prevention of exploits at this early stage in the attack chain can help thwart malicious code in the processor and memory, before it can do serious damage.
Because today’s attackers are focused on breaching corporate defenses in any way possible, it’s not a particular form of malware that security solutions need to stop – endpoint solutions need to identify the suspicious behaviors and processes, not merely malicious files and traffic.
SurfRight’s technology, integrated with our next-gen endpoint, can detect and prevent an APT attack in an auto-responding, coordinated way, while reducing the time between detection, response and mitigation.
SurfRight’s products embody the same vision that we have at Sophos – that even the most advanced IT security products should be simple to deploy, either on premise or in the cloud, and easily managed by any sized organization.
This acquisition further enhances our position as a leader in endpoint protection today. SurfRight’s solution allows us to build upon our growing set of next-generation technologies such as behavior-based analytics; Malicious Traffic Detection that monitors HTTP traffic against connections to known bad URLs; and Download Reputation, which leverages a crowd-sourced big data warehouse managed by SophosLabs to determine whether a downloaded file is known to be good or bad, and prompts the user to take appropriate action.
SurfRight’s technology also bolsters the effectiveness of our industry-first synchronized security approach, in which network security and endpoint security actively and continuously communicate with each other to drive a dramatic reduction in the time and resources required to investigate and address security incidents.
We recently announced the first delivery of our synchronized security strategy with the next-generation XG Firewall, and this acquisition further strengthens our “better together” approach as a key advantage for our global customer and partner base.
Sophos will immediately work to integrate the SurfRight technology into our line of endpoint security solutions. Once the integration work has been completed, we will make the technology acquired from SurfRight available via our global network of more than 15,000 channel partners.
Our vision for SurfRight involves continued support for SurfRight’s existing product line, including its popular HitmanPro malware scanning and removal tools used by more than 5 million users worldwide. We will also retain all SurfRight employees and the company’s office in the Netherlands.
I welcome SurfRight CEO Mark Loman and the SurfRight team to the global Sophos family.