Our partner, Sophos, recently launched a tool they call Intercept X. Intercept X creates a complete threat picture - - with a set of comprehensive data that enables you to respond in an effective, timely way based on given alerts. It helps users make sense of their data, and with this visibility it makes future threat prevention simpler.
In addition to the ‘heads up’ it provides so analysis can begin immediately, it is a huge time saver for administrators because it offers a platform that enables users to connect the alerts received to other datasets that may be affected, to link together any suspicious characteristics of any given search, and be able to more easily analyze the data in a dashboard format based on those search efforts.
Intercept X can also drill down on the details you need to stay protected:
- Information on accounts that may have logged on to a particular machine
- A listing of sites that were visited
- Details on the traffic for the network being examined
- Which, if any, apps were blocked
- Other detections that took place during a certain time period
Additional benefits include the ability to view a window of time allows you to examine the status both before and directly following an event. This will help identify any suspicious activity and give you the opportunity to dive down into the details to examine further and determine whether the detection was real or simply a false positive. Based on this flexibility, it reduces the amount of information to manage so more in-depth research can be performed.
Intercept X ensures you have the right tools and information to accelerate the process of determining where efforts should be focused; spending less time on dead ends and unlimited amounts of data.