Intercept X for Server 采用深度学习，一种高级机器学习形式，不依赖特征码检测已知和未知恶意软件。
深度学习令 Intercept X for Server 更加智能，更加可扩展，能够更加有效防御从未见过的威胁。Intercept X for Server 利用深度学习技术，在性能上胜过使用传统机器学习或特征码检测技术的安全解决方案。
Intercept X for Server 采用反勒索软件功能，侦测恶意加密进程，从而关闭以防止其在网络中传播。阻止基于文件和主引导记录 (MBR) 的勒索软件。
- Extended detection and response (XDR) provides complete visibility of hosts, containers, endpoints, the network, and even cloud provider native services
- Cloud-native behavioral and exploit runtime detections identify threats including container escapes, kernel exploits, and privilege escalation attempts
- Streamlined threat investigation workflows prioritize high-risk incident detections and consolidate connected events to increase efficiency
- Integrated Live Response establishes a secure command line terminal to hosts for remediation
Single Host Agent
Secure the host and container with an agent managed from the Sophos Central management console. Easily investigate and respond to behavioral, exploit, and malware threats in one place while increasing IT hygiene with automated detections, intuitive querying, and remote response capabilities.
Integrated Threat Intelligence
Fine-tuned for maximum performance, seamlessly enrich your security operations workflows with an ultra-lightweight Linux sensor providing API integration of host and container behavioral and exploit runtime detections into your existing automation, orchestration, log management, and incident response tooling – available soon.
Block Unknown Threats
Intercept X for Server uses deep learning, an advanced form of machine learning that detects both known and unknown malware without relying on signatures.
Deep learning makes Intercept X for Server smarter, more scalable, and more effective against never-seen-before threats. Intercept X for Server leverages deep learning to outperform security solutions that use traditional machine learning or signature-based detection alone.
Stop Ransomware in Its Tracks
Intercept X for Server includes anti-ransomware capabilities that detect malicious encryption processes and block them before they can spread across your network. Both file-based and master boot record (MBR) ransomware is stopped.
Any encrypted files are rolled back to a safe state so your employees can continue working uninterrupted, minimizing the impact to business continuity. You get detailed post-cleanup information so you can see where the threat got in, what it touched, and when it was neutralized.
- Proactively identify unsanctioned activity and misconfigurations across Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP)
- Continuously discover cloud resources with detailed inventory and visibility of Sophos host protection and Sophos Firewall deployments
- Automatically overlay security best practice standards to detect gaps in posture, identify quick wins and critical issues
- Detect high-risk anomalies in user IAM role behavior, pinpointing unusual access patterns, locations, and malicious behaviors quickly to prevent a breach
Intercept X Advanced for Server with XDR 为 IT 管理员和网络安全分析师设计，帮助企业快速解答业务关键问题。从预先编写的全定制查询选择，防护丰富的设备数据和 Sophos Data Lake 中存储的离线信息。用例包括：
- 识别启用 RDP 和 SSH 的服务器
|Sophos Intercept X Advanced for Server||Sophos Intercept X Advanced for Server with XDR|
管理 – 查看并保护更广泛的云环境）