I am so excited to announce our acquisition of Invincea, a next-generation endpoint security company founded by Dr. Anup Ghosh in 2009.
- Sophos Central Endpoint: New Endpoint Installer Frequently ..
- Sophos | Fully Synchronized, Cloud-Native Data Security
- Sophos Invincea Installed
24/7 threat hunting, detection, and response delivered by an expert team as a fully-managed service. Going beyond simply notifying you of attacks or suspicious behaviors, Sophos takes targeted actions on your behalf to neutralize even the most sophisticated. The Invincea Engine has been licensed to other 3rd party vendors. If a product using Invincea technology is installed on your system you have to remove it before you can install the Sophos Endpoint Agent. One example is Dell Protected Workspace. Can I use the new installer to migrate my endpoints from Enterprise Console to Sophos Central?
Feb 23, 2017 Invincea to Sell to Sophos February 23, 2017 Reston – February 23, 2017 – Cooley is advising longstanding client Invincea on its pending sale to Sophos (LSE: SOPH), an Oxford, UK-based global leader in network and endpoint security, for up to $120 million. Sophos snaps up machine learning tech firm Invincea to fight modern malware. The anti-malware provider has been acquired in a deal worth $100 million. Apr 09, 2020 Seth Geftic is a Director at Sophos focusing on endpoint security. Prior to joining Sophos he was a Director of Product Marketing at Invincea (acquired by Sophos in 2017). Seth was previously a Senior Manager in the Advanced Security Operations Center (SOC) Solution group and the cybercrime team at RSA.
One may ask, if you already have great next-generation technology, why do you need Invincea’s technology?
There’s an “Avengers” analogy to be had here: It’s great to have a group of heroes around to defend the world. But it’s much better to add another hero to the ensemble.
Think of Invincea as the superhero that takes our ensemble to the next level – the entity that adds neural network-based machine learning to the team.
The path to Invincea: Endpoint Protection and Intercept X
In recent years Sophos has worked to reduce our reliance on signatures, moving from traditional antivirus to next-generation advanced malware detection and prevention with technologies like behavioral detections, malicious traffic detections, emulation, and security heartbeat. As a result, only a tiny fraction of the detections in Sophos Endpoint Protection are signature-based.
Because of our ensemble of next-generation technology, we have been able to keep malware detection rates high and false positives low. For years, the security market has focused on scanning executables for anti-malware, but now we see a growing number of data breaches occur due to exploits. As a result, we’ve pushed aggressively into the realm of next-generation exploit detection/prevention with Sophos Intercept X.
In September we launched Intercept X, a powerful signatureless next-generation product with exploit protection, anti-ransomware, protection against in-memory malware, root cause analytics and forensic-based malware removal. This new product was developed by combining technologies from Sophos with that acquired from our SurfRight acquisition in 2015.
Expanding the ensemble
Invincea was built to address the gathering threat from advanced adversaries, most notably those using zero-day methods that target companies, governments and critical infrastructure. A neural network-based approach to machine learning is at the heart of this next-generation signatureless approach. The algorithms were developed by the same data scientists who worked on the DARPA Cyber Genome project at Invincea Labs.
With Invincea, we add this effective machine-based learning approach to detect malware that previously could sneak past traditional signature-based technology. In third-party testing, and with customers, it has proven to be extremely effective while having low false positives.
Invincea currently protects companies and government agencies with between 200 and 200,000 employees.
Now it’s part of our ensemble, and will make us even stronger.
Machine learning
Let’s focus some more on the machine-learning approach that’s central to how Invincea functions.
The process is more efficient, performant and effective than anything we’ve seen before. And with this, the better our ability to stop malware in its tracks before it becomes a problem for the customer.
Some of the high points:
- Deep Learning Neural Network implementation leads to better detection and lower false positives as compared to more primitive ML implementations.
- Invincea’s approach is targeted at finding malware that shares common characteristics with known malware, but whose similarities often escape human analysis; this makes it effective at volume detection of derivative malware, using methods that scale.
- Deep learning detection of executable malware with Bayesian calibration maximizes both sensitivity and specificity.
- Techniques are extensible to detections beyond just executables and beyond just files.
- Behavioral-based detections provide extensive coverage of the tactics and techniques employed by advanced adversaries.
How we’ll integrate Invincea
Invincea’s technology will be integrated into an Endpoint Protection product and offered through Sophos Central. This will be a key part of our unique security strategy, Synchronized Security.
With Synchronized Security, our products speak directly to one another to share actionable intelligence that can improve effectiveness and responsiveness to threats. Error 1722 cisco vpn client installation windows 10. With Invincia’s technology, when we identify an attack, our Security Heartbeat will transmit this information to several Sophos products such as our XG Firewall and SGN Encryption and they will take the appropriate action to further product our customers.
We are very excited to roll our new, more comprehensive ensemble, and we look forward to the stronger security it’ll provide our customers.
Sophos announced Wednesday that it had entered into an agreement to acquire Invincea, a move partners said would boost the company's platform strategy and next-generation endpoint security capabilities.
The deal is worth $100 million in cash, with a $20 million earn-out. The acquisition does not include Invincea Labs, which operates and is managed separately.
Invincea, of Fairfax, Va., uses machine learning and deep learning neural-network algorithms to detect unknown malware without the use of signatures. Kendra Krause, Sophos' vice president of global channels, said the addition of Invincea's machine learning capabilities fills out the last piece of Sophos' growing endpoint security portfolio.
[Related: Sophos Adds Encryption To Synchronized Security Strategy With SafeGuard Encryption 8 Launch]
'Invincea brings that last piece we have been looking for, and that is machine-based learning,' Krause said in an interview with CRN. 'Sophos can now deliver a full, comprehensive technology into the next-generation endpoint security market.'
CTO Joe Levy said the Invincea technology will expand the Sophos platform to be able to perform meaningful analysis on malware samples, leveraging machine learning for predictive analysis, and to keep pace with an increasing amount of unknown threats. Levy said Sophos evaluated other alternatives, but found Invincea's machine learning algorithms and data architectures to have better detection and lower false positives than the alternatives. He said the addition of Invincea to the Sophos platform will help the company 'define what next-generation [endpoint security] means.'
'This is our stake in the ground as to what the essential components for a next-generation endpoint solution are,' Levy said.
Krause said the acquisition will be a big boost to partners as it expands the company's next-generation endpoint security capabilities and adds to its synchronized security platform.
Sophos Central Endpoint: New Endpoint Installer Frequently ..
'For the Sophos partner, [the acquisition of Invincea] just provides that complete next-generation endpoint protection for them to go to market with. Sophos develops, integrates and acquires technology to bring the best of what a next-generation security solution is to customers,' Krause said.
Sam Heard, president of Data Integrity Services, a Lakeland, Fla.-based Sophos partner, said he was glad to see Sophos continue to buy and integrate technologies that are focused on the security market. Maya lt bonus tools 2018.
Sophos | Fully Synchronized, Cloud-Native Data Security
'They’ve got a good track record of acquiring technologies and integrating it,' Heard said. 'I like this. I like this a lot.'
Heard said he particularly likes how the Invincea acquisition adds to Sophos' synchronized security platform, which he said really appeals to customers looking for integrated protection across both network and endpoint security.
'I love the synchronized security message. The stronger you can make an endpoint along with the firewall platform, the better overall picture… It's just going to make the product even better,' Heard said.
Krause said the entire Invincea team will be joining Sophos. That includes Invincea founder and CEO Anup Ghosh, who will now serve as chief evangelist for next-generation endpoint security at Sophos, and COO Norm Laudermilch. Ghosh said joining Sophos will allow Invincea's technology to reach more customers, and bring together two companies on the Gartner Magic Quadrant for endpoint security. He said Sophos is a good cultural and technical fit for Invincea.
'From an engineering and cultural point of view, we are completely aligned around vision and innovation. Sophos just has a tremendous platform and an amazing channel presence. From an entrepreneur's point of view, this is what we always wanted, which was get to market in a very big way,' Ghosh said in an interview with CRN.
The acquisition comes at the beginning of what is likely to be a period of significant consolidation in the endpoint security market. Krause said she predicts other platform security companies will follow suit in acquiring next-generation endpoint security startups, as customers are looking for a full set of integrated security solutions, instead of pieces of the puzzle.
'I would foresee continued consolidation,' Krause said. 'We believe we are very groundbreaking in the sense of having that compete solution. If we are first to market, I do believe others will follow.'
Krause said Sophos will run the Invincea partner program independently of the Sophos partner program in the near term to make sure both companies' partners and customers are fully supported. Invincea announced earlier this year that it had shifted to a 100-percent channel model, similar to that of Sophos, and launched a new partner program. She said Sophos will be working to integrate the Invincea technology into its portfolio, planning to do so in the next 12 months. As that time, she said, the company will decide how to integrate the partner programs.
Sophos Invincea Installed
The closing of the deal is pending various closing conditions, Sophos said.