F5 to Acquire CalypsoAI for Advanced AI Security Capabilities
September 25, 2025
Pure Storage and Veeam Announce Cyber Resilience Delivered as a Service
September 27, 2025New enhancements to the Sophos AI Assistant
It isn’t just another AI tool — it’s expertise from the team behind the world’s leading Managed Detection and Response service, distilled into an intelligent agent. The AI Assistant is included for all Sophos XDR and MDR customers at no additional charge.
With this release, the Sophos AI Assistant has been enhanced to support two key roles:
- Security Analyst – Focused on case investigation and triage.
- Threat Hunter – Focused on proactive, exploratory investigations across the environment.
Key capabilities in this release
- Updated navigation in Sophos Central
The Sophos AI Assistant is now accessible from a new “AI” menu in the Sophos Central Admin console. This update reflects the increasing importance of AI-powered tools in analyst workflows and ensures easier access to AI-driven insights and actions—whether you’re responding to alerts, investigating incidents, or proactively hunting threats.
- New Security Analyst and Threat Hunter assistants
This release introduces a new AI assistant:
- Security Analyst assistant: Designed for triage, case management, and investigation tasks.
- Threat Hunting assistant: Adds support for proactive hunting workflows, allowing analysts to explore telemetry, craft queries, and investigate suspicious behavior across the estate.
Together, these new context aware assistants unify reactive and proactive capabilities under a single, AI-powered interface.
- Contextual workflows based on analyst role
The AI Assistant now pulls in context based on the function an analyst is performing:
- Security Analysts receive case-aware prompts, enrichment support, and streamlined investigation flows.
- Threat Hunters are provided with advanced search suggestions, guided telemetry pivots, and custom prompt templates.
Whether you’re summarizing case findings or exploring detection anomalies, the AI Assistant ensures a seamless and role-aligned experience.
- Smart prompt starters and in-workflow assistance
To reduce onboarding friction and improve usability, Sophos has introduced intelligent prompt suggestions tailored to common SOC activities. From device analysis to trend reviews, the AI Assistant helps you frame effective queries and make informed decisions—without needing deep familiarity with query languages or telemetry schemas.
Use cases in action
- Alert triage: Quickly summarize the context and related detections
- Investigation: Trace lateral movement using command-line data or user behavior
- Threat hunting: Search for PowerShell execution anomalies over time
- Enrichment: Perform live lookups on hashes, IPs, or domains
You can even add AI Assistant outputs directly into your case notebooks, ensuring that your insights and steps are preserved for auditing or handover.
How to write effective prompts
We’ve published a new best practices guide for writing effective AI prompts. This guide helps you frame questions more clearly and precisely to ensure high-quality results from the AI Assistant.
Tips include:
- Be specific: Include device names, time ranges, or detection types
- Give context: Tie the prompt to a case or alert when possible
- Define format: Ask for lists, tables, or summaries if needed
Ready to try it?
Log in to Sophos Central today and start working with your new AI teammate.
