06 Nov Sophos Central Security Portfolio for 2026
Sophos expands its Security Operations Portfolio: Smarter, more integrated protection.
October 2025 marks a major milestone for Sophos with the announcement of a newly expanded Sophos Central Portfolio.
Three Major Enhancements at a Glance
Sophos’ latest portfolio refresh focuses on three strategic areas:
- Endpoint Portfolio Refresh – a simplified, more powerful endpoint security lineup with new licensing options.
- Expanded Security Operations Portfolio – broader detection, response, and risk management capabilities.
- Security Services Expansion – new advisory, penetration testing, and managed risk offerings.
Together, these updates make it easier for organizations to meet compliance requirements, respond to threats faster, and gain greater value from their existing cybersecurity investments.
Meeting Customers at Every Stage of Their Security Journey
Sophos’ expanded ecosystem now spans every maturity level, from basic endpoint protection to fully managed 24/7 threat response. Key solutions include:
- Sophos Endpoint – next-gen protection with anti-ransomware, exploitation prevention, and adaptive defenses.
- Sophos EDR (Endpoint Detection and Response) – advanced visibility and response capabilities for endpoints and servers.
- Sophos XDR (Extended Detection and Response) – detection and response across the full IT environment.
- Sophos MDR (Managed Detection and Response) – round-the-clock threat monitoring and response by expert analysts.
Add-ons such as Sophos Managed Risk, Sophos NDR, and the newly launched Sophos ITDR (Identity Threat Detection and Response) enable a layered defense model that scales with organizational needs.
All Integrations, Automatically Included
One of the most significant changes: all technology integrations are now automatically included in Sophos XDR and MDR subscriptions. Customers no longer need to purchase separate Integration Packs, simplifying licensing and improving time-to-value.
For partners, this means easier sales cycles, stronger differentiation, and new professional services opportunities around integration setup and management.
New Identity Threat Detection and Response (ITDR)
Identity-based attacks are on the rise, and Sophos ITDR tackles this growing challenge head-on. Available as an add-on for Sophos MDR and XDR, it provides:
- Continuous scanning for identity security gaps in Microsoft Entra ID
- Detection and response to identity-based attacks and stolen credentials
- Dark web monitoring for exposed accounts
- Full integration with Sophos MDR analysts for managed response
By unifying endpoint, network, and identity telemetry, Sophos delivers a comprehensive, identity-aware defense posture
Simplified Licensing and Product Rebranding
To streamline the portfolio, Sophos is retiring the Intercept X brand.
Solutions are now clearly named Sophos Endpoint, Sophos XDR, and Sophos MDR, with consistent user and server licensing.
Important:
- Sophos Intercept X Essentials reaches end-of-sale in November 2025.
Existing customers will be automatically upgraded to the new Sophos Endpoint or EDR licenses at renewal. - New license options such as Sophos Endpoint 100 simplify product selection.
With automatic integrations, expanded AI capabilities, and a new ITDR layer, Sophos has evolved its Security Operations Portfolio into a more comprehensive, flexible, and future-ready platform. Customers benefit from reduced complexity, better visibility, and faster response — while partners gain new opportunities to grow their services and strengthen customer relationships.
For more details, please feel free to contact us via [email protected].
No Comments