Sophos has introduced Identity Threat Detection and Response for its XDR and MDR platforms, expanding its defense against the growing wave of identity-based attacks, Techzine reports.

The new solution, derived from Sophos' acquisition of Secureworks, detects stolen credentials, monitors identity risks, and automates responses through Sophos Central. According to the Sophos X-Ops Counter Threat Unit, stolen login data offered on the dark web surged 106% between June 2024 and June 2025, underscoring the urgency of enhanced identity protection.

Senior VP Rob Harrison said the rise of cloud and remote work has widened the attack surface, making identity security more complex. The system conducts over 80 cloud identity posture checks and uses AI-based detection to identify threats like account takeover and lateral movement. Integrated User Behavior Analytics and automated remediation, such as account locks and MFA resets, help organizations contain identity threats while simplifying security operations.