Sophos launches ITDR to enhance identity threat detection

Sophos announced the launch of its new solution, Sophos Identity Threat Detection and Response (ITDR), designed to enhance the capacity to monitor identity risks and detect compromised credentials. This addition expands the Sophos Security Operations (SecOps) portfolio, contributing to faster identification of identity-related threats.

The ITDR solution is part of Sophos's Extended detection and response (XDR) and Managed Detection and Response (MDR) offerings. It continuously assesses customer environments for identity threats and vulnerabilities while scanning the dark web for compromised account information. Organizations can utilize this technology to detect and respond to identity-based attacks promptly, aiming to diminish risk to their operations.

This launch marks an expansion of Sophos’s offerings following its acquisition of Secureworks, integrating the first Secureworks solution into the Sophos Central platform. This integration supports comprehensive SecOps for over 600,000 customers, addressing the rising rate of identity attacks which, according to Sophos X-Ops, saw a 106 percent increase in stolen credentials listed on the dark web from June 2024 to June 2025.

Rob Harrison, Senior VP of Product Management at Sophos, noted that the increasing complexity of identity and access management systems allows for potential vulnerabilities that attackers may exploit. “Sophos ITDR helps close those gaps by giving customers faster visibility into identity risks and monitoring for compromised credentials,” he stated.

The ITDR solution incorporates over 80 cloud identity posture checks and employs AI-driven detections to identify various types of identity-based attacks. Automated response actions facilitate immediate reaction to identity threats, which include account lock, password resets, and multi-factor authentication refreshes.

Sophos ITDR integrates seamlessly with existing Sophos XDR and MDR solutions, enabling rapid investigation and response to detected threats by Sophos security analysts. With this addition, the company enhances its ability to assist customers in fortifying their security posture against evolving cyber threats.