
Sophos Home Self Defense Module

I was thinking about getting this product and it looks promising. The integration of Intercept X into this home product made me want to go for this. I looked at multiple reviews of this product and it surprised me. The malware blocking capabilities of this program outperform many of the big names. I was going all in for this product, until an issue made me think otherwise. Many anti-virus products implement a self defense module to prevent themselves from getting shut down by malware or hackers. Worst case scenario is the AV gets shut down and the user is vulnerable. I notice that Sophos Home doesn't have a self defense option anywhere, so I would assume that it is somewhere in the code. Then, I encountered a video that disables Sophos Home using a batch file. A. Batch. File. I am posting this so that the Sophos People can be aware of this issue and fix it. Thank you and have a great day.

Video Link: https://youtu.be/QBIvLubhlc8


  • The paid-for product, either the Sophos Central managed client or the on-premise Enterprise Console managed client, has the Sophos Endpoint Defense component. This is a driver that prevents applications tampering with Sophos services, files, etc.

    Maybe it will be added to Home at some point in the future.

    I guess if something has already been run that can stop the services, then you're already compromised, but I see your point. The more layers the better.

    Regards,
    Jak

  • Thank you for your reply! The only thing that I don't understand now is why they chose not to implement this very important feature in the Sophos Home products. Because if you think about it, what's the point of having a very powerful antivirus if one can easily shut it off?