Global cybersecurity firm, Sophos, has announced the launch of a new solution, Sophos Identity Threat Detection and Response (ITDR) following a significant rise in identity-based cyberattacks.

The announcement, made on October 21, 2025, comes as the company reported a 106 percent surge in stolen credentials being traded on the dark web over the past year.

The new ITDR solution is designed to continuously monitor identity risks and misconfigurations within customer environments while simultaneously scanning the dark web for compromised employee credentials.

According to Sophos, this integrated approach will help organizations detect and respond swiftly to attacks that exploit user identities, which remain a leading cause of data breaches.

“Cloud and remote work have expanded the identity attack surface and created new opportunities for attackers,” said Rob Harrison, Senior Vice President of Product Management at Sophos.

“Complex identity systems often create gaps that attackers exploit. Our new ITDR solution closes those gaps by offering faster visibility into identity-related risks,” he added.

Sophos disclosed that compromised credentials were the root cause in 56 percent of all cyberattacks investigated over the past year — marking the second consecutive year this vector topped the list.

The ITDR solution performs over 80 cloud identity checks, leverages AI to detect targeted attack methods, and allows for automated responses, including locking accounts or resetting passwords.

It also represents the first fully integrated product within the Sophos Central platform since the company’s acquisition of Secureworks, expanding its suite of tools for more than 600,000 global customers.

Early adopters, particularly in the financial services sector, have commended the new tool for improving visibility, reducing response time, and streamlining the management of identity-related risks.