Cybersecurity firms Sophos and Halcyon have announced a new strategic partnership to share ransomware threat intelligence in real time, aiming to strengthen defenses and accelerate response for more than 300,000 organisations worldwide.
The collaboration will see the two companies exchange indicators of compromise, attacker behaviours, and attack patterns to help detect and block ransomware earlier. The move follows Halcyon’s launch of a Ransomware Research Center, which will now be informed by data from both firms’ platforms.
Customers using Sophos Endpoint, Sophos Managed Detection and Response (MDR), Sophos XDR, and Halcyon’s Anti-Ransomware Platform will benefit from enriched detection models and faster protection updates.
The companies will also integrate mutual anti-tamper protections, allowing each platform to monitor and safeguard the other’s agents. This aims to ensure that security tools remain active and uncompromised during ransomware incidents.
Simon Reed, Sophos’ chief research and scientific officer, said the partnership would “improve signal fidelity and accelerate detection” to keep organisations safer. Halcyon’s CEO and co-founder, Jon Miller, praised Sophos’ track record, describing it as “one of the most effective endpoint security platforms” in the market.
Sophos’ cross-functional threat intelligence unit, X-Ops, will work closely with Halcyon’s research and engineering teams to operationalise the shared insights, expanding the reach and speed of both companies’ threat response capabilities.
The initiative reflects a wider industry trend toward collaborative defence, as ransomware attacks become more sophisticated and damaging.