Sophos EDR - Endpoint Detection and Response
Endpoint Detection and Response - detect, analyze and respond to suspicious activity with AI-powered prioritization and automatic MITRE mapping.
Detect and analyze threats
Sophos EDR goes beyond the endpoint and includes data from the firewall, email, cloud and mobile devices. Suspicious activities are correlated across products so that complex attacks can be detected and eliminated more quickly.
AI-supported detection
AI-based prioritization of detections, automatic mappings to the MITRE framework, and Linux container behavior and exploit detections enable your team to respond quickly and accurately.

Functions
Endpoint Detection & Response
Cross-product event correlation and analysis for comprehensive security.
Live Discover query tool
Simple SQL-free search, scheduled queries and export of forensic data.
Deep learning technology
AI detects known and unknown malware and includes anti-ransomware and anti-exploit protection.
90 days of cloud data storage
Extensive data on the device and in the cloud for up-to-date insights and forensic analysis.
What is included in EDR?
| Functions | Endpoint | Endpoint with EDR |
|---|---|---|
| PROTECTION | | |
| Deep Learning & Anti-Ransomware | | |
| Exploit Prevention (60+ techniques) | | |
| Adaptive Attack Protection | | |
| DETECTION & ANALYSIS | | |
| Extensive data on device and cloud | - | |
| AI-based prioritization | - | |
| MITRE framework mappings | - | |
| Live Discover & SQL-free search | - | |
| RCA threat graphs | | |
| REACTION | | |
| Automatic malware cleanup | | |
| On-demand device isolation | - | |
| Live Response (remote terminal) | - | |
