|Founded||1985; 36 years ago|
|Revenue||$640.7 million (2018)|
|US$46.9 million (2018)|
|US$66.3 million (2018)|
Number of employees
Sophos Group plc is a British security software and hardware company. Sophos develops products for communication endpoint, encryption, network security, email security, mobile security and unified threat management. Sophos is primarily focused on providing security software to 100- to 5,000-seat organizations. While not a primary focus, Sophos also protects home users, through free and paid antivirus solutions (Sophos Home/Home Premium) intended to demonstrate product functionality. It was listed on the London Stock Exchange until it was acquired by Thoma Bravo in February 2020.
Sophos Threat Hunting Academy On-Demand Deep dive into the varied methods cyber attackers use to penetrate the networks of an entire organization. In this on-demand webcast series, you will learn how Sophos EDR can help detect these invasions before they escalate and, ultimately, eliminate the threat. Events from Sophos Cloud Optix generate MTR detections, including anomalous IAM user login activity, outbound network traffic connections, and other high-risk activity. Additional threat detections can be added via integration with the Amazon GuardDuty service, which analyzes CloudTrail, DNS.
That said, Sophos is a pretty good choice for users looking for a simple antivirus that offers consistently reliable protection against all types of known and emerging malware and internet security threats. Plus, Sophos is one of the cheapest antiviruses around, it offers a free trial (no credit card required), and it has a risk-free 30-day. Applies to the following Sophos products and versions Sophos Firewall What to do Advanced Threat Protection analyzes all network traffic (DNS requests, HTTP requests, or IP packets in general). It also incorporates Intrusion Prevention and Antivirus data if the respective features are activated. Go to Advanced Threat Advanced Threat Protection.
Sophos was founded by Jan Hruska and Peter Lammer and began producing its first antivirus and encryption products in 1985. During the late 1980s and into the 1990s, Sophos primarily developed and sold a range of security technologies in the UK, including encryption tools available for most users (private or business). In the late 1990s, Sophos concentrated its efforts on the development and sale of antivirus technology, and embarked on a program of international expansion.
In 2003, Sophos acquired ActiveState, a North American software company that developed anti-spam software. At that time viruses were being spread primarily through email spam and this allowed Sophos to produce a combined anti-spam and antivirus solution. In 2006, Peter Gyenes and Steve Munford were named chairman and CEO of Sophos, respectively. Jan Hruska and Peter Lammer remain as members of the board of directors. In 2010, the majority interest of Sophos was sold to Apax. In 2010, Nick Bray, formerly Group CFO at Micro Focus International, was named CFO of Sophos.
In 2011, Utimaco Safeware AG (acquired by Sophos in 2008–9) were accused of supplying data monitoring and tracking software to partners that have sold to governments such as Syria: Sophos issued a statement of apology and confirmed that they had suspended their relationship with the partners in question and launched an investigation. In 2012, Kris Hagerman, formerly CEO at Corel Corporation, was named CEO of Sophos and joined the company's board. Former CEO Steve Munford became non-executive chairman of the board. In February 2014, Sophos announced that it had acquired Cyberoam Technologies, a provider of network security products. In June 2015, Sophos announced plans to raise $US100 million on the London Stock Exchange. Sophos was floated on the FTSE in September 2015.
On 14 October 2019 Sophos announced that Thoma Bravo, a US-based private equity firm, made an offer to acquire Sophos for US$7.40 per share, representing an enterprise value of approximately $3.9 billion. The board of directors of Sophos stated their intention to unanimously recommend the offer to the company's shareholders. On 2 March 2020 Sophos announced the completion of the acquisition.
Acquisitions and partnerships
From September 2003 to February 2006, Sophos served as the parent company of ActiveState, a developer of programming tools for dynamic programming languages: in February 2006, ActiveState became an independent company when it was sold to Vancouver-based venture capitalist firm Pender Financial. In 2007, Sophos acquired ENDFORCE, a company based in Ohio, United States, which developed and sold security policy compliance and Network Access Control (NAC) software. In November 2016, Sophos acquired Barricade, a pioneering start-up with a powerful behavior-based analytics engine built on machine learning techniques, to strengthen synchronized security capabilities and next-generation network and endpoint protection. In February 2017, Sophos acquired Invincea, a software company that provides malware threat detection, prevention, and pre-breach forensic intelligence.
In March 2020, Thoma Bravo acquired Sophos for $3.9 billion.
- ^ abcd'Annual Report 2018'(PDF). Sophos. Retrieved 20 March 2019.
- ^'Sophos: the early years'. Naked Security.
- ^'Exterminator Tools'. Windows IT Pro. 15 November 1999. Retrieved 24 April 2017.
- ^'Sophos acquires anti-spam specialist ActiveState'. www.sophos.com. Retrieved 3 January 2016.
- ^'Sophos Management Team Global Leaders in IT Security'. sophos.com.
- ^'Apax Partners to acquire majority stake in Sophos'.
- ^'Board of Directors'.
- ^'The Bureau Investigates article'. Archived from the original on 4 December 2011.
- ^'Statement from Sophos on Recent Media Reports'.
- ^'Sophos Board of Directors webpage'.
- ^'Sophos Acquires Cyberoam to Boost Layered Defense Portfolio'. Infosecurity Magazine.
- ^'Sophos Plans $100 Million London IPO'.
- ^'Sophos joins the UK's top public companies in the FTSE 250'.
- ^'Sophos founders exit before Thoma Bravo sale'. Global Capital. 5 December 2019. Retrieved 25 February 2020.
- ^'Sophos opens new chapter with take-private acquisition'.
- ^'ActiveState Acquired by Employees and Pender Financial Group; Company Renews Focus on Tools and Solutions for Dynamic Languages'. Business Wire. 22 February 2006. Retrieved 24 April 2017.
- ^'Sophos buys Endforce for network access control'. Network World. 11 January 2007. Retrieved 24 April 2017.
- ^Wauters, Robin. 'Sophos beefs up on online security, acquires Dutch security software firm SurfRight for $31.8 million'. Retrieved 2 August 2016.
- ^'Sophos Adds Advanced Machine Learning to Its Next-Generation Endpoint Protection Portfolio with Acquisition of Invincea'. Sophos. 8 February 2017. Retrieved 11 February 2017.
- ^'Sophos grows anti-malware ensemble with Invincea'. Sophos. 8 February 2017. Retrieved 11 February 2017.
One may ask, if you already have great next-generation technology, why do you need Invincea’s technology?..Think of Invincea as the superhero that takes our ensemble to the next level – the entity that adds neural network-based machine learning to the team.
- ^'Sophos to Acquire Invincea to Add Industry Leading Machine Learning to its Next Generation Endpoint Protection Portfolio'. Invincea. 8 February 2017. Retrieved 11 February 2017.
- ^'Thoma Bravo completes $3.9B Sophos acquisition'. TechCrunch. Retrieved 7 April 2020.
Here you can see the domains and IP addresses that Phish Threat uses to send campaign emails.
Sophos Threat Analysis
Go to Phish Threat > Settings > Sending domains and IPs to review your domains and IP addresses.
You must allow email and web traffic to and from these IPs and domains on your email gateway, web proxy, firewall appliance, or anywhere else in your environment where email and web filtering is done.
You can also find out more about how Office 365 ATP Safe Link and Safe Attachments interact with Phish Threat V2.
Sophos Threat Cleanup
This list updates when we add new IPs and domains.
To ensure successful delivery of Phish Threat emails, you must add the following IP addresses to your allow list:
You must also add the domains listed below to your allow lists.
If you're using an external email proxy (including Central Email), you may also need to amend your SPF records.
Links contained within campaign emails are configured to redirect users to an awstrack.me URL. Knives out tomatoes. This is expected behavior, as Phish Threat uses AWS tracking to determine which users have clicked on the malicious links.
Office 365 ATP Safe Links and Safe Attachments
Sophos Threatsaurus Pdf
Office 365 Advanced Threat Protection (ATP) offers security features such as Safe Links and Safe Attachments.
ATP Safe Links can help protect the organization by providing time-of-click verification of web addresses (URLs) in email messages and Office documents. The ATP Safe Attachments feature checks to see if email attachments are malicious, and then takes action to protect the organization.
If Phish Threat V2 IP address and domain names are not included in the allow list, Office 365 executes the links. This makes it seem like an end user has clicked on the links. To ensure the proper execution of Phish Threat V2 with Office 365, set up an exception for the phish threat for both Safe Links and Safe Attachments in Office 365. For instructions on how to set up these exceptions, see IP addresses and domains.
Other 3rd party email scanning products and Phish Threat V2
Other 3rd party email security products may apply their own scanning techniques that open links and attachments in emails as they are processed. If this is the case you may receive reports indicating that your users have clicked links.
Please make sure the above IPs and domains are added to allow lists within the 3rd party product.
We are aware that some 3rd party solutions do not allow their security features to be bypassed in this way. We are actively investigating ways to prevent false positive campaign results caused by 3rd party security products. We hope to include these in Phish Threat in the near future.