Announcements

Hi All, I wanted to report one issue we've come across.  If removing Windows Endpoint or Server devices from the EDR Data Lake (aka XDR) early access program there is an issue with the downgrade process which results in the device health be...

Check out this webinar where the Sophos Engineering and PM team give an introduction on coding against the EDR Data Lake API and walk through using and modifying the Sophos Data Lake Test tool. vimeo.com/.../ad569fd23d

I am adding a set of queries to explore information in the data lake from the XG Firewall. For the data lake to have information from the XG Firewall you will need to have an XG FW License with Cloud Firewall reporting enabled. Once the firewall is c...

You can find the getting started guide for the EDR Data Lake APIs available here on the apigee.io site we use. Overview This guide takes you through a few simple steps to start using the new EDR Data Lake APIs in Sophos Central. All our APIs are off...

For anyone who's joined the EDR Data Lake Early Access Program, we've been providing instructions on the different steps to join and enroll devices but I thought it would be useful to have one full blog post covering those steps and also detailing ho...

Hi all I have started populating the queries section of the forum.  I Expect to put about 50 queries into the forum to perform the basic navigation and exploration of the data.  Once I get those loaded in we will start adding more interesti...

Welcome to the EDR Data Lake EAP (Early Access Program). How do I learn more In this forum you will find a number of documents, videos, queries and posts explaining the program and if you have any questions you can post the question or comment on th...