This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Can the details of a 'detection ID' be determined?

Hi, We have excluded some detected exploits detection IDs from checking after concluding they were false positives. Some of these were done over a year ago and comments weren't included in them when the technician did the exclusions.

My question is whether or not you can view the details of a detection ID as it appears in the global exclusions in Sophos Central? Is that particular ID value decodable somewhere?

thank you.

This thread was automatically locked due to age.

0 Ken Kleiner1 over 4 years ago

Hi, We have excluded some detected exploits detection IDs from checking after concluding they were false positives. Some of these were done over a year ago and comments weren't included in them when the technician did the exclusions.

My question is whether or not you can view the details of a detection ID as it appears in the global exclusions in Sophos Central? Is that particular ID value decodable somewhere?
Cancel
Vote Up 0 Vote Down

Cancel
0 Shweta over 4 years ago

Hi Ken Kleiner1

You can check under the description of the detected exploit for the path. If an exploit is detected on an application but you're sure the detection is incorrect, you can stop it happening again by using options available in your events list. Also in case, you have SHA-256 you can check further details about the file as mentioned here. For more information please check this link.

Shweta

Community Support Engineer | Sophos Technical Support
Are you a Sophos Partner? | Product Documentation | @SophosSupport | Sign up for SMS Alerts
If a post solves your question use the 'Verify Answer' link.

The New Home of Sophos Support Videos! - Visit Sophos Techvids
Cancel
Vote Up 0 Vote Down

Cancel