Citing new data that identifies exploited vulnerabilities as the leading cause of ransomware attacks, the cybersecurity firm, Sophos, has launched a suite of proactive testing services to help organisations find and fix security gaps before they can be weaponised by hackers.

The new Sophos Advisory Services, informed by real-time intelligence from the company’s Sophos X-Ops threat unit, includes External, Internal, and Wireless Network Penetration Testing, as well as Web Application Security Assessments.

The launch came as Sophos’ own State of Ransomware 2025 report revealed that 65% of organisations were exposed to a ransomware attack due to a known or unknown security weakness.

Speaking, Senior Director of Sophos Advisory Services, Jake Dorval, said: “Adversaries are increasingly skilled at exploiting the smallest cracks in an organisation’s security programme. With Sophos Advisory Services, we give customers a proactive advantage, helping them find and fix weaknesses before attackers can exploit them.

“The services are delivered by a dedicated team of testers with vast cross-discipline expertise, many of whom joined Sophos through the recent acquisition of Secureworks. “This team, which holds hundreds of security certifications, is directly supported by Sophos X-Ops security analysts and threat intelligence specialists.

“The new advisory offerings join Sophos’ growing services portfolio, which also includes Sophos Emergency Incident Response for neutralizing active cyberattacks.”