The new IASM feature in Sophos Managed Risk allows you to view vulnerabilities from an attacker’s perspective without the need for credentials

Cybersecurity is a game of anticipation. In this game, seeing through an attacker’s eyes can make the difference between preventing an incident or facing a breach. Based on this idea, Sophos announced today from Oxford (UK) the expansion of its Managed Risk services with a new key feature: internal attack surface management (IASM), powered by Tenable technology.

This development comes at a critical time. According to Sophos’ own State of Ransomware 2025 report, 40% of companies affected by ransomware in the past year were victims due to an exposure they were unaware of. This figure reveals a harsh reality: many organizations still lack true insight into their internal vulnerabilities.

“With Sophos Managed Risk, organizations can gain an attacker’s perspective to prioritize and remediate vulnerabilities before they’re exploited,” explains Rob Harrison, Senior Vice President of Product Management at Sophos.


What is IASM and Why Does It Matter?

The concept of internal attack surface management goes beyond traditional scans. The key is that the analysis is performed without authentication — in other words, like an attacker with no credentials. This enables detection of critical weaknesses that could be easily exploited from within the network.

Elements that IASM can detect include:

  • Unprotected open ports
  • Misconfigured services
  • Unpatched vulnerabilities
  • Accidental exposure of systems or files

This approach complements external management (EASM), which analyzes publicly exposed assets on the internet, providing a holistic view of risks.


Main Features of Sophos IASM

Functionality and description:

  • Internal Credential-less Scanning: Simulates a real attacker to identify visible weaknesses without prior access.
  • Comprehensive Vulnerability Management: Automated, periodic scans across the entire network.
  • AI-powered Prioritization: Analyzes the actual risk of each vulnerability and guides resolution efforts.
  • Integrated Tenable Technology: Utilizes Nessus scanners for advanced analysis and severity assessment.
  • Unified Managed Service: Unlike other providers, Sophos combines IASM and EASM into a single service.

The Sophos-Tenable Partnership: A Key Strength

The solution leverages Tenable Nessus, widely recognized in the industry for vulnerability detection. But Sophos doesn’t just integrate technology; their Managed Risk team is certified by Tenable and actively collaborates with threat response teams (MDR) to provide coordinated coverage against known and emerging cyber threats, including zero-day attacks.

This synergy allows a faster response to potential exploitation signals and offers clients continuous monitored protection.


Who Benefits from This Enhancement?

Any organization, large or small, managing digital infrastructure — from local networks to hybrid or multicloud environments — can benefit. Particularly those that:

  • Lack complete visibility into their internal network
  • Need to comply with cybersecurity standards (such as ISO 27001, ENS, NIS2)
  • Operate in sensitive sectors like healthcare, education, finance, or energy

Opinion: Seeing from Within, Through an Attacker’s Eyes

The term “attack surface” usually refers to what’s exposed externally. However, as Sophos’ move demonstrates, many threats originate inside — through open ports, outdated services, or seemingly minor configuration errors.

The innovation isn’t just in detection, but in intelligent prioritization — focusing efforts where they matter most using AI.


Key Benefits for Businesses

Benefit and impact:

  • Full internal and external visibility: Identifies risks that might otherwise go unnoticed.
  • Proactive ransomware response: Mitigates threats before breaches happen.
  • Reduced operational load: Clear guidance on patches and actions.
  • Improved compliance: Clear evidence of active protective measures.
  • No additional cost for integration: Available immediately without license or price changes.

Available Immediately

The new IASM feature is now active for all current and future Sophos Managed Risk clients, with no license modifications needed. Administrators can enable scans from the Sophos Central console, deploy Nessus scanners, and schedule regular assessments.

For more information, Sophos has set up a portal: sophos.com/Managed-Risk.


Conclusion

In a landscape where ransomware remains the biggest threat and many organizations remain unaware of their internal vulnerabilities, Sophos’ launch of IASM is a bold and necessary step.

By viewing the network from the attacker’s perspective, organizations can gain an advantage in a game where mistakes are costly.

via: sophos.com