Stopping Active Adversaries: Lessons From The Cyber Frontline
Learnings for IT and business leaders based on analysis of 232 major cyber incidents remediated by Sophos X-Ops incident responders
This paper shares key findings from analysis of 232 cyberattacks remediated by Sophos X-Ops incident responders in 2022 and the first half of 2023. It consolidates learnings from the three Sophos Active Adversary reports of 2023 to provide a unique window into the tactics, techniques, and procedures employed by today’s skilled, professional cybercriminals.
Report Snapshot
Sophos Rapid Response is supported by over 150 analysts in the Sophos Managed Detection and Response (MDR) Security Operations Center (SOC). These analysts provide real-time insights into what they are seeing and stopping across the many thousands of customer environments that they monitor and proactively secure every day.
Further supporting the team are 400 Sophos Labs malware analysts who are experts at unpacking, understanding, and blocking malicious code. Sophos incident responders’ goal is to quickly triage, contain, and neutralize active threats and eject adversaries to prevent any further damage.