Sophos has recently unveiled Sophos ZTNA, the only zero trust network access (ZTNA) offering that fully integrates with a next-generation endpoint solution – Sophos Intercept X – providing advanced endpoint protection and zero trust network access with a single agent. Sophos ZTNA introduces a transparent and scalable security model for connecting users and devices to applications and data, improving and simplifying protection against ransomware and other advanced cybersecurity threats.
Sophos has also published new research, “Windows Services Lay the Groundwork for a Midas Ransomware Attack,” shining light on the importance of ZTNA. The research details how attackers were able to spend nearly two months undetected in a target’s environment, taking advantage of limited access controls and network and application segregation, which would have been better protected with ZTNA.
The attackers further leveraged no-longer-used “ghost” remote access tools to move laterally, target and compromise other machines, create new accounts, install back doors and exfiltrate data before releasing the Midas ransomware.
Through its unique integration with Sophos Intercept X, including Sophos Extended Detection and Response (XDR), Sophos Managed Threat Response and other solutions using its technology, Sophos ZTNA removes the complexities of managing multiple vendor products and agents and provides end-to-end protection for endpoints, users, their identities and the applications and networks that they connect to. As part of the Sophos Adaptive Cybersecurity Ecosystem, Sophos ZTNA shares real-time threat intelligence with other solutions and automatically responds to threats.
Working together, the solutions can better identify active threats and assess device health, so compromised and non-compliant devices can be quickly isolated.