ChannelLife Australia
Industry insider news for Australia's technology resellers

Sophos unveils cloud protection advancements with Linux and offerings

By Shannon Williams
Thu 21 Apr 2022

Sophos has unveiled advancements to Sophos Cloud Workload Protection, including new Linux host and container security capabilities. 

The enhancements accelerate detection of and response to in-progress attacks and security incidents within Linux operating systems, improve security operations and bolster application performance.

According to new SophosLabs research, distributed denial-of-service (DDoS) tools, cryptocurrency miners and various types of backdoors were the top three types of Linux threats detected by Sophos in a dataset from January through March 2022. DDoS tools accounted for nearly half of all Linux malware detections during this time, likely due to automated attacks attempting to reinfect updated servers rapidly and repeatedly. SophosLabs has also detected a recent increase in ransomware attackers attempting to use tools targeting virtual machine hypervisors, many of which run on Linux environments, to carry out their attacks.

"Linux environments continue to grow in surface area as organisations around the world increasingly migrate workloads to the cloud. Even though Linux is widely considered to be one of the most secure operating systems, it still harbours inherent and application-based risks and it is not immune to cyberattacks," says Joe Levy, chief technology and product officer at Sophos. 

"Attackers target Linux hosts and containers because they are high value, and often under-protected," he says.

"Sophos Cloud Workload Protection already automates and simplifies the prevention and detection of these attacks on Windows systems, and now Sophos is providing the same observations and capabilities to Linux operating systems."

Securing Linux Infrastructure

Through the integration of Capsule8 technology, which Sophos acquired in July 2021, Sophos Cloud Workload Protection provides powerful and lightweight visibility into on-premise, data centre and cloud-based Linux hosts and containers, securing them from advanced cyberthreats. It leverages analytics around attacker tactics, techniques and procedures to provide cloud-native threat detections, including:

  • Container escapes: Identifies attackers escalating privileges from container access to hosts
  • Cryptominers: Detects behaviours commonly associated with cryptocurrency miners
  • Data destruction: Alerts that an attacker may be trying to delete indicators of compromise that are part of an ongoing investigation
  • Kernel exploits: Highlights if internal kernel functions are being tampered with on a host

Once threats are detected, Sophos XDR (extended detection and response) assigns risk scores to incidents and provides contextual data that enable security analysts as well as the Sophos Managed Threat Response team to streamline investigations and focus on the highest priority incidents. Integrated Live Response further establishes a secure command line terminal to hosts for rapid remediation. 

Sophos Cloud Workload Protection seamlessly integrates with the Sophos Adaptive Cybersecurity Ecosystem, which underpins the entire Sophos portfolio of solutions. The smart ecosystem unifies Sophos' range of cloud-native security platform capabilities, including Sophos Cloud Workload Protection, Sophos Cloud Security Posture Management, Kubernetes security posture management, container image scanning, infrastructure-as-code scanning, cloud infrastructure entitlements management, and cloud spend monitoring, to ensure visibility, security and compliance.

Availability

Sophos Cloud Workload Protection is now available with Sophos Intercept X Advanced for Server with XDR and Sophos Managed Threat Response, and is managed within the cloud-native Sophos Central platform. It can be deployed as a single agent solution that is ideally suited for security operations teams, delivering flexible, lightweight protection with optimised resource limits, without deploying a kernel module. 

Sophos Cloud Workload Protection will also soon be available as a Linux sensor. Ideally suited for DevSecOps and security operations centre teams requiring deep insight into mission-critical workloads with minimal performance impact, the Linux sensor will provide API integration into existing automation, orchestration, log management, and incident response solutions. 
