This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Intercept X w/ EDR Meterpreter shell detection not blocked

So i am trying to do some testing with Intercept X w/ EDR on meterpreter shell detection. after testing different payloads, i was able to get in using meterpreter/bind_tcp. it successfully loaded with sophos detecting the exploit but not blocked. what happened to the exp prevention of sophos ? all security features are enabled on Sophos Endpoint.

i also did the same testing way back 2019, and i have no issues.

This thread was automatically locked due to age.

Parents

0 Fred_Sophos over 3 years ago

it says its prevented on the events tab. but thats not the case
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 Fred_Sophos over 3 years ago

it says its prevented on the events tab. but thats not the case
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 Shweta over 3 years ago in reply to Fred_Sophos

Hi Fred_Sophos

Thank you for your patience. Our team is currently investigating this and troubleshooting the case that you have already open. We will let you know if there is any further information required from your end.

Shweta

Community Support Engineer | Sophos Technical Support
Are you a Sophos Partner? | Product Documentation | @SophosSupport | Sign up for SMS Alerts
If a post solves your question use the 'Verify Answer' link.

The New Home of Sophos Support Videos! - Visit Sophos Techvids
Cancel
Vote Up 0 Vote Down

Cancel