Security solutions provider Sophos announced new enhancements to its Security Operations portfolio following its $859 million acquisition of Secureworks in February 2025. The updates include new capabilities in identity protection, endpoint security, and artificial intelligence to strengthen defenses against cyber threats.
The company has introduced Sophos Identity Threat Detection and Response (ITDR), which helps organizations detect and respond to identity-based attacks. The service, based on Secureworks’ Taegis IDR technology, provides faster visibility into identity risks and adds stronger layers of protection against one of the most common forms of cyberattacks today.
“Our strategy is to meet organizations wherever they are in their cybersecurity journey, uniting advanced defenses with deep human expertise to outpace adversaries,” said Raja Patel, chief product officer of Sophos.
Sophos also launched Advisory Services, which provides penetration testing and advanced security assessments to help organizations identify system weaknesses and reduce cyber risk. The service is supported by threat intelligence from Sophos X-Ops, a team composed of multiple specialized units.
As part of the Secureworks integration, Sophos merged Secureworks’ Counter Threat Unit (CTU) with its own X-Ops division. This strengthens Sophos’ threat intelligence network, which now includes expanded expertise in adversary tracking, dark web monitoring, and collaboration with government and law enforcement agencies.
The combined intelligence supports all Sophos products and services, enhancing defenses against ransomware, state-sponsored cyberattacks, and identity-based threats.
Sophos also has integrated its endpoint protection with Secureworks Taegis Managed Detection and Response (MDR) and Extended Detection and Response (XDR) solutions. The integration provides customers with unified detection, prevention, and response features while simplifying security management and reducing costs.
The company also updated its Endpoint Security portfolio, introducing a simplified licensing tier for Endpoint Detection and Response (EDR) to make enterprise-grade protection more accessible to businesses of all sizes.
Sophos has further advanced its use of AI, adding new “Security Analyst” and “Threat Hunting” assistants in its XDR and MDR platforms. These AI tools, informed by Sophos’ global threat analysts, help teams identify risks, enrich investigations, and speed up incident response.
Starting November 2025, Sophos will also expand integration options for customers, allowing all MDR and XDR subscribers to connect third-party tools, such as firewalls, cloud, email, and identity systems, through the open Sophos Central platform at no extra cost. This aims to improve visibility across IT systems and enhance response speed against cyber threats.