Sophos

“A breach could derail diplomatic negotiations, leak sensitive documents, damage international reputation, and disrupt critical services.” — Milton Sampaio, COP30 IT Coordinator Securing #COP30, the United Nations’ climate summit in the heart of the Amazon rainforest, meant defending a temporary global network against millions of attempted attacks. At this scale, the challenge wasn’t just the volume of alerts. Analysts needed real-time visibility they could act on immediately. Sophos MDR delivered continuous monitoring, rapid detection, and automated containment across the summit environment. 100% coverage. Zero interruption to diplomacy. See how Sophos secured COP30: https://lnkd.in/gF9u82qQ

AI just became the world’s most dangerous exploit writer. Anthropic’s Claude Mythos Preview can identify unknown vulnerabilities and generate working exploit code on demand. In a recent Sophos X-Ops red-team exercise, AI cut Active Directory discovery from 3 days to 3 hours, from a single unprivileged account. The technology is here, but the question is whether your endpoint can outpace it. Learn more: https://lnkd.in/g7TcCBjc

Plenty has been written about the risks of agentic AI, much less about the specific technical controls to reduce that risk. Our CISO Ross McKerchar and our internal security team share seven things teams can do today to reduce blast radius when an agent sits in the "lethal trifecta" of: 🔹 access to private data 🔹 exposure to untrusted input 🔹 the ability to communicate externally Designed to help guide your AI journey, all rooted in our real, lived experiences: https://lnkd.in/eNyN3ukV

For five years, Sophos engaged in defensive and counter-offensive operations against China-based, state-sponsored threat actors. Back in 2024, we released the groundbreaking research, and now #DarknetDiaries, the most popular cybersecurity podcast in the world, has spent 90 minutes telling the full story. Five years of watching state-sponsored threat actors develop exploits in real time, pre-empting attacks before they could land, and working with the Federal Bureau of Investigation (FBI) to put the lead operator on the Cyber Most Wanted list with a $10M bounty. Every one of those learnings is baked into Sophos Firewall, making it arguably the most secure and hardened firewall on the market. Listen now: https://lnkd.in/e4gpK9x4

What’s really happening with identity security right now? We surveyed 5,000 organizations across 17 countries and 14 industries to get a clear picture. 71% of organizations experienced an identity-related breach, and the average cost to remediate was $1.64M. At the same time, non-human identities now often outnumber human users by 100:1. Many are highly privileged, rarely audited, and difficult to track, especially as AI continues to accelerate their growth. Most identity and access controls weren’t designed for this reality. The Sophos State of Identity Report 2026 looks at what’s changing, where organizations are exposed, and how to respond. Read the full report: https://lnkd.in/g7C4kXhy

Frontier AI is redefining what’s possible for defenders and cyber defense, and GPT-5.5-Cyber is changing the game. We’re proud to be a member of OpenAI’s Trusted Access for Cyber (TAC) Program. A program designed to give trusted cybersecurity defenders secure access to advanced AI capabilities to help organizations detect, investigate, and respond to cyber threats faster and more effectively. “AI has compressed the attack lifecycle from weeks to minutes. Together with OpenAI, Sophos is accelerating defense by bringing frontier AI into the world’s largest agentic SOC, while Sophos Endpoint stops exploits at execution, whether they’re decades old or generated seconds ago.” John Peterson, CTO Read more: https://lnkd.in/gdJ2YzHr

🏆 Sophos has been recognized as an Overall Leader, Product Leader, Innovation Leader... and Market Leader, in the 2026 KuppingerCole Analysts Leadership Compass for MDR. Leading across all four categories is an incredible achievement, especially as KuppingerCole evaluated providers on real-world outcomes, not feature lists. As agentic AI accelerates both attacks and defense, the role of MDR has never been more critical. From 24/7 monitoring to validated detections and coordinated response, Sophos MDR is built to reduce noise, investigate faster, and provide operational confidence. Read more on the KuppingerCole report: https://lnkd.in/gStWitpb

Inside a UK retailer with 9,000 employees, an attacker had everything they needed for a Microsoft 365 breach, but they had just 60 seconds. One phishing email was all it took to steal a user's credentials and Microsoft 365 session token via an Adversary-in-the-Middle phish, and start logging in from three different countries. From their perspective, they were in. From Sophos MDR's, the clock had already started. Sophos MDR analysts spotted the giveaway: the digital signature on the login didn't match the real user's device. The sign-in was disabled, active sessions terminated, and the incident contained before any real damage was done. Thanks to Sophos' deep integrations with Microsoft, the gap between breach and contained was measured in seconds, not hours. Microsoft-native signals from Entra ID and M365 Management Activity, flowing into Sophos detection logic and human-led MDR response — that's what Stronger Together actually looks like in practice. Learn more: https://lnkd.in/ex6tk2dh

As organizations race to adopt AI, attackers are moving just as fast to capitalize on the tools your teams trust and rely on. Sophos X-Ops has recently uncovered a fake Claude AI site quietly delivering a previously undocumented backdoor. Once installed, it gives attackers full remote access to a machine, silently and persistently. Read the full article to learn how the attack works, what to look for, and how to protect your organization 👇

This year’s World Password Day is really all about passkeys. We know passkeys are the future of authentication, but rolling them out across your business is the real challenge. When many organizations are still dealing with basics like password reuse, making the leap can feel like a big ask. Along the way, our internal security team documented every step and turned those learnings into a practical CISO playbook on adopting passkeys. It’s free and a useful resource if you want to understand what actually works, avoid common pitfalls in rollout, and take a more structured approach to moving beyond passwords. 🔗 https://lnkd.in/eUe7SuqK #worldpasswordday