Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 0 replies
  • Subscribers 2 subscribers
  • Views 3401 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Live Protection

mntl

Hello,

we were looking at 'Sophos Live Protection's overview. Let me cite from this overview:

"If the anti-virus scan on an endpoint computer has identified a file as suspicious, but cannot further identify it as either clean or malicious based on the threat identity (IDE) files stored on the computer, certain file data (such as its checksum and other attributes) is sent to Sophos to assist with further analysis. This is known as 'in-the-cloud' checking: it performs an instant lookup of a suspicious file in the SophosLabs database. If the file is identified as clean or malicious, the decision is sent back to the computer and the status of the file is automatically updated." [0]

- We are curios what you mean with "certain file data (such as its checksum and other attributes)"?
- What are "other attributes"?
- Are there cases, in which whole files are submitted?

Regards, Alex

[0] - community.sophos.com/.../110921



This thread was automatically locked due to age.
Unfiltered HTML