According to industry estimates, as many as 90 percent of successful attacks are against vulnerabilities in which a patch already exists. Despite this statistic, many computers do not have the latest security patches installed, putting organizations at serious risk from a variety of malware threats.

Patches are time-consuming to track and administer, and it is often difficult to see which computers actually have critical patches installed correctly. Without this visibility, IT managers have no simple method of identifying computers most at risk.

Sophos today announced the latest version of its endpoint security solution. Sophos Patch Assessment identifies, prioritizes and scans for critical threat-related security patches.

It also enables scanning for Microsoft and third-party patches from vendors such as Adobe, Apple, Citrix, Microsoft, Skype and others. This is particularly important as the majority of today’s patches are not from Microsoft.

Security vendors are now combining reputation-based data with URL filtering to stop users from accessing sites known to be infected, or sites that repeatedly host malware or other unwanted content.

Reputation-based URL filtering that performs real-time lookups against the security vendor’s database is especially effective at blocking the thousands of new malware sites, SEO poisoning attacks and hijacked trusted sites that pop up daily.

Sophos Web Filtering makes it easy to set a smart surfing policy for the top 14 most inappropriate site categories from within the Endpoint Enterprise Console. With Sophos Web Filtering, users are protected from these sites wherever they go, with no additional software or infrastructure required.

Sophos Web Filtering enables better performance for users, as scanning is done locally, not back to a box in the data centre, thereby reducing the number of boxes needed to manage web usage.

Full-disk encryption in Sophos Endpoint ensures that data stored on desktops and laptops is kept secure, enabling IT staff to encrypt workstations and see their status. Moreover, Sophos encryption is integrated into this latest version of Sophos Endpoint, without a separate deployment or console required, making it faster and easier to install full-disk encryption on computers in just six clicks.

“Our goal has always been to provide customers with complete security and protection everywhere—without complexity. The industry-first features within Sophos Endpoint 10 reaffirm that goal,” said Shaun Paice, vice president, product management, Sophos. “Sophos Endpoint 10 is the result of a close collaboration with our customers and partners—improved performance, client-side web protection, patch identification and prioritisation, and integrated disk encryption management. It’s easier than ever to find at-risk computers, manage alerts, set policies and clean up threats.”