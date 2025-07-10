Sophos, a global leader of innovative security solutions for defeating cyberattacks, has announced the expansion of its Sophos Managed Risk capabilities with the introduction of Internal Attack Surface Management (IASM) with technology powered by Tenable.

Many organisations face critical blind spots in their cyber defenses as the Sophos State of Ransomware 2025 report found 40% of organisations impacted by ransomware in the last year reported falling victim due to an exposure they were unaware of.

According to the Senior Vice President, Product Management at Sophos, Rob Harrison, Sophos Managed Risk, now with both internal and external attack surface management, addresses this challenge, providing comprehensive visibility into internal and external weaknesses that could be exploited by threat actors.

He said: “With Sophos Managed Risk, organisations gain an attacker’s-eye view to identify and prioritise remediation of risks before adversaries can exploit them.

The solution offers a unified view of both internal and external exposures prioritised by risk and paired with clear remediation guidance, “This enables organizations to focus their efforts where it matters most, on the most critical vulnerabilities, resolving them rapidly.”

The latest release of Sophos Managed Risk introduces unauthenticated internal scanning, which assesses a system from the perspective of an external attacker without user credentials or privileged access.

This enables organizations to identify and mitigate high-risk vulnerabilities, such as open ports, exposed services and misconfigurations that are accessible and potentially exploitable by attackers.