Sophos Cloud Optix versions
Sophos Cloud Optix Standard licensing changed on June 1 2022. For more information see Changes to Sophos Cloud Optix Standard.
There are two versions of Sophos Cloud Optix, Standard and Advanced.
Sophos Cloud Optix Standard includes all the major features, such as network and IAM visualization, and container image scanning, for one of each type of environment. It doesn't include environment access control or custom policies, and you only get the automatic daily scan.
If you're a Sophos Central user with an Intercept X Advanced for Server term license, you can use Sophos Cloud Optix Standard. You can't buy Sophos Cloud Optix Standard separately any more. For more information about licensing, see Licensing.
You can upgrade to the full Sophos Cloud Optix Advanced service for additional cloud security features, or to protect more environments. It's available on subscription or on a free trial.
To see your current environment usage and licensing, click Environments > View current usage.
The table compares the features of each version.
|Feature||Sophos Cloud Optix Standard||Sophos Cloud Optix Advanced|
|Cloud environment monitoring: |
Support for AWS, Azure, GCP, Kubernetes, and IaC environments, and Docker Hub registries
|One per provider||Unlimited|
|Security monitoring (CSPM best practice rules)||Daily scans||Scheduled, daily and on-demand scans|
|Sophos MDR integration to send alerts and events to Sophos Central||Y||Y|
|Advanced search capabilities||Y||Y|
|AI-powered anomaly detection||Y||Y|
|SophosLabs Intelix malicious traffic alerts||Y||Y|
|AWS native service integrations |
(Amazon GuardDuty, AWS Security Hub, Amazon Inspector etc.)
|Azure native service integrations (Azure Sentinel and Advisor)||Y||Y|
|Cloud workload protection: agent discovery||Y||Y|
|Cloud workload protection: automatic agent removal||Y||Y|
|Compliance policies and reports||CIS benchmarks||CIS benchmarks, ISO 27001, EBU R 143, FEDRAMP FIEC, GDPR, HIPAA, PCI DSS, SOC2, Sophos best practices|
|Alert management integrations |
(Jira, ServiceNow, Slack, Teams, PagerDuty, Amazon SNS)
|SIEM integrations |
(Splunk, Azure Sentinel)
|Infrastructure-as-code (IaC) template scanning |
|Environment access control||-||Y|
|Container image scanning |
(ECR, ACR, DockerHub, API)
|Serverless Storage Protection||Limited to one region and to 5,000 files scanned per calendar month||Y|
Accessing Sophos Cloud Optix Standard
If you have an Intercept X Advanced for Server term license, Cloud Optix appears in Sophos Central Admin, under My Products.
To use Sophos Cloud Optix Standard click Cloud Optix.