Can you help to shape our future products?
We're looking for customers and partners to join our Sophos Design Partner group. Sign up and you'll be able to give us your product feedback and ideas through surveys, interviews, or usability testing.
You'll be helping to make the world a safer place -- and you might win Amazon vouchers while you're doing it.
We’re particularly keen to talk to customers who…
I'm pleased to say that a new version of our endpoint user interface is being released to EAP customers this week. Windows devices (client and server) enrolled in the EAP will receive the update automatically.
The key goal of the update is to better represent Sophos' different endpoint components - Intercept X, Central Device Encryption and our upcoming UEM agent. It will also to bring a consistent look across platforms…
We are excited to announce that we have added our new Linux EDR agent to the New Server Protection and EDR Features early access program.
Joining the EAP:
To get access to the new agent you must first join the New Server Protection and EDR Features early access program. See this presentation on how to join the EAP.
Getting access to the agent and installing:
Once you have successfully joined, from the Protect Devices…
Hi Community,
Sophos Anti-Virus v9.9.8 for Mac OS has been released. This release has the fix for blank captive portal.
For more information, please refer to the below release notes:
Due to current events, we are lengthening the Extended Support for Windows XP and Windows Server 2003 until June 30, 2020. Please refer to the below article for more information.
Note: Use of all features and functionalities provided under the Early Access Program is subject to the Sophos End User License Agreement.
We are excited to announce that Intercept X Advanced with EDR v3.0 with Live Discover is now available in early access.
Live Discover allows admins to search their data to answer almost any question they can think of by searching across their endpoints and servers using SQL. You can…
In early April we are extending the Early Access Program to add Live Discover
Watch the 5 min video. https://vimeo.com/401888432
The New Endpoint/Server Protection and EDR Features Early Access Program allows customers to test the latest and greatest endpoint and server features and functionality as they are being developed by Sophos.
See below for descriptions of the the features currently in the Early Access…
Source: https://community.sophos.com/kb/en-us/134486
SophosZap is a last resort command line clean up tool focused on uninstalling Sophos Endpoint products to revert a machine to a clean state.To uninstall we strongly recommend that you use the standard product uninstaller first. Only use SophosZap when all other uninstall options have failed, as SophosZap uses heuristics trying to identify Sophos components…
Starting today we are gradually rolling out Sophos AMSI Protection to the Recommended release for endpoints. In a first phase only new Sophos Central customers (with the right license), and a very small percentage of existing Sophos Central customers will see this.
While we have tested this technology a lot, internally as well as in this EAP, it is still a new technology so we want to be sure all works well.
If all goes…
Hi All,
This service release contains bugfixes and improvements. Fixed JIRA items:
Starting this week we will gradually roll out an update to the components in the Enhanced Protection EAP. We are mainly focusing on improved quality, and have fixed most of the issues that have been reported. Both endpoints and servers will be updated.
Other changes are the introduction of Windows 7 support for IPS, and a new and faster SDU log collection.
This roll-out will take about two weeks.
The update will bring…
A new version of Sophos Central Server Intercept X 2.0.16 has been released to our Sophos Central customers. This release also contains the below customer fixes:
Updated Components
HitManPro.Alert has been updated to 3.7.15.446.
New features
This release supports the following new protection features. These will initially be turned on only for servers in early access program subscriptions, before being…
A new version of Sophos Central Intercept X 2.0.16 has been released to our Sophos Central customers. This release also contains the below customer fixes:
Updated components
This release supports the following new protection features. These will initially be turned on only for endpoints in early access program subscriptions, before being turned…
The same Intercept X features that protect your endpoints are now also activated for the Windows Servers participating in the Server Protection EAP have are now also blocking exploits.
While these features were active in terms of scanning for and detecting of potential exploits, admins have not seen any threats blocked based on these mitigation types. After having run this on your servers in silent mode, we are now confident…
We have opened up the Early Access Program to include Windows Server 2008R2 and later!
For now, the same Intercept X and AMSI features as found in the endpoint will be available, with Intercept X initially only in detection mode, not blocking. (Update: Note that meanwhile these features are now also set to block exploits).
The AMSI interface is available on Windows Server 2016 and Windows Server 2019.
Devices with…
Hi everyone,
There are new set of features available in the Sophos Endpoint Self Help tool. Here's a link for FAQs regarding Endpoint Self Help tool and please follow the link below for more details:
Sophos Anti-Virus version 9.9.6 for macOS has been released. This release has the fix for the below issues.
1. Resolved an intermittent failure where web pages may fail to load.
2. Improved memory usage when Threat Case creation is enabled.
3. Resolved an issue with modified permissions on the man8 directory when using disk encryption.
4. Improved support for macOS 10.15 Catalina when using MDM profiles…
Sophos EDR enabled devices are continually capturing data related to process, file, network and other system activity. EDR licensed customers have the ability to generate a forensic snapshot on demand where all activity being monitored is packaged up and made available so that customers can do a detailed analysis on this data. In the past, after a forensic snapshot was generated, admins would need to retrieve the snapshot…
A few weeks ago we updated your machines in the EAP with four new Intercept X exploit mitigation types.
While these features were active in terms of scanning for and detecting of potential exploits, users have not seen any threats blocked based on these mitigation types. After having run this on your machines in silent mode, we are now confident to start blocking detections of these exploits.
As a reminder, these are the…
Starting tomorrow, we’ll extend the Early Access Program for Enhanced Protection with some new Intercept X features for you to test. Four new mitigation options will be added to endpoints that are participating in the EAP.
All four new mitigation options can individually be switched off or on – but as with other EAP features, they’ll be on by default. However, you will not yet see any detections based…
Sophos Anti-Virus version 9.9.5 for macOS has been released. This release contains improved support for macOS 10.15 Catalina.
For more information, please refer the released notes:
That's right, somehow I'm still employed here at Sophos (at least for now)! I'd like to thank the Web team for letting me know our blog supports GIFs and I'd like to apologize for not following your guidance to "use them sparingly". Let's just say there's a lesson to be learned here... Don't tell Greg about the nice things - he's not allowed the nice things.
Did anyone know…
After enhancing the Threat Indicators features since it was made available to Intercept X Advanced with EDR and Intercept X with EDR for Server customers in July, Sophos has now declared the feature Generally Available.
Threat Indicators solves the #1 most requested feature for EDR users – knowing where to start an investigation. Now admins will utilize a prioritized list of the most suspicious activity, so they…