cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

Sophos expands adaptive cyber security ecosystem by acquiring SOC.OS

Sophos announced that it has acquired SOC.OS, an innovator of a cloud-based security alert investigation and triage automation solution.

user iconReporter
Tue, 26 Apr 2022
Sophos expands adaptive cyber security ecosystem by acquiring SOC.OS
expand image

The solution is designed to consolidate and prioritise high volumes of security alerts from multiple products and platforms across an organisation’s estate, allowing security operations teams to quickly understand and respond to the most urgent cases flagged. SOC.OS launched in 2020 and is a spinout of BAE Systems Digital Intelligence. The company is privately held and based in Milton Keynes, UK.

With SOC.OS, Sophos plans to advance its Managed Threat Response (MTR) and Extended Detection and Response (XDR) solutions for organisations of all sizes. SOC.OS is expected to help Sophos expand its Adaptive Cybersecurity Ecosystem, which underpins all of Sophos security solutions. This will include providing alerts and events from third-party endpoint, server, firewall, identity and access management (IAM), cloud workload, email, and mobile security products.

In November 2021, the Gartner Market Guide for Extended Detection and Response stated, “To make XDR a long-term investment, (organisations need to) evaluate breadth and depth of ecosystem integration. The easier the XDR can integrate into your existing environment, the better an investment it will be.”


Sophos MTR is one of the fastest-growing new offerings in the company’s history, according to Joe Levy, chief technology and product officer at Sophos.

We now stand as one of the largest managed detection and response (MDR) operations in the world, delivering superior security outcomes through an MTR service with more than 8,000 customers.

The top enhancement request from these customers is ‘better integrations with existing security environments, and with the innovative technology from SOC.OS, we will be able to do just that – seamlessly integrate Sophos’ MTR and XDR solutions within their current set of security and IT solutions.

SOC.OS will also provide our Adaptive Cybersecurity Ecosystem with a broader set of third-party telemetry, so security analysts have better visibility into important events and alerts.

With cyber attacks, such as ransomware, becoming increasingly prevalent and complex, security operations teams are under constant pressure to monitor every aspect of their organisation.

Between 24/7 threat activity, high volumes of security alerts and false positives, and understaffing, organisations need XDR or MTR, plus a solution from SOC.OS that automatically clusters and triages alerts.

According to Dave Mareels, chief executive officer and co-founder at SOC.OS, alert fatigue and lack of visibility still plague security teams worldwide.

Considering this, against the backdrop of constantly changing cyber threats and a challenging talent landscape, defenders need new and innovative products and services that can help them solve more complex incidents in less time.

For many defenders, however, the complexity and cost of traditional security solutions act as barriers to adoption.

By joining forces with Sophos, we can address these challenges together, head on.

The sum is greater than our parts, and by combining our capabilities, we’re positioned to offer truly unique, cost effective and highly accessible products and services to those who need it most, on a global scale, Mareels said.

[Related: Microsoft Exchange servers targeted by Hive ransomware via ProxyShell exploits]

cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.