Cybersecurity isn’t just about keeping threats out. It’s also about knowing what’s already exposed within.
Sophos is taking that idea further by expanding its Managed Risk service to include Internal Attack Surface Management (IASM). The goal? Help organizations identify hidden vulnerabilities inside their networks before cybercriminals do. With ransomware attacks on the rise and internal misconfigurations often going unnoticed, this update could be a critical step toward stronger, more proactive defense.
Looking inward: Why internal risk matters
Sophos has rolled out Internal Attack Surface Management (IASM) as part of its Sophos Managed Risk service, aiming to help organizations spot and fix vulnerabilities hiding within their own networks.
While many security teams focus on external threats, internal exposures are just as dangerous and often overlooked. According to Sophos’ State of Ransomware 2025 report, 40% of ransomware victims said the attack happened because of an exposure they didn’t even know existed. That’s the kind of blind spot Sophos wants to eliminate.
How IASM works
With IASM, organizations get what Sophos calls an “attacker’s-eye view” of their internal environment. The system runs unauthenticated internal scans—meaning it doesn’t need login credentials or privileged access—to identify things like open ports, exposed services, and misconfigurations. These are the weak points attackers often exploit to get a foot in the door.
Powered by Tenable, guided by AI
The feature is built on Tenable technology, using Nessus scanners to regularly sweep internal assets for vulnerabilities. It also leverages AI-powered prioritization, helping teams identify which threats pose the highest risk so they can take action faster and more efficiently.
A unified, managed approach
One of the standout aspects of Sophos’ approach is its decision to combine internal and external attack surface management into a single managed service. While many vendors split these capabilities into separate tools or offerings, Sophos keeps it all under one roof—backed by its globally recognized Managed Detection and Response (MDR) team.
The Sophos Managed Risk team is Tenable-certified and collaborates closely with MDR analysts to stay on top of zero-days, known vulnerabilities, and active exploitation risks across customer environments.
Available now at no extra cost
IASM is now live for all Sophos Managed Risk customers—no license changes, no extra cost. Existing users can start deploying Tenable Nessus scanners and scheduling automated scans directly from the Sophos Central console.
Learn more at: Sophos.com/Managed-Risk