Hi, maybe i´m setting something wrong, but i hope can you help me.
I made exclusions on threat protection in Policy Exclusions and Global Exclusions. I need to exclude folders that contains an ERP files.
Sophos detect false positives in that ERP files. Therefore the files are deleted.
I tried set first Policy Exclusions and then the Global Exclusions but both of them doesn´t work in my Sophos Central.
Anyway the .exe filies are removing.
I share the screenshots with the configuration in Sophos Central.
I´ll be grateful if you help me.
Thank you for raising this, What I can suggest to you here is to raise a Labs request through our sample submission portal if this file is a legitimate file that your organization uses to exclude this from being detected. Ensure to provide all necessary details like the file with the detection and its detection name. Share as well the description of this application and its file path.
My apologize for my late response.
These files are legitimate. They are .exe that works in our ERP. The ERP is named Dominiom BI.
The executable files are developments by us.
In these days as a choice i added the paths in allowed applications from global settings like this (C:\DominioM BI\*.exe). My common sense was add an asterisk before .exe aims to recognize all the executables in that folder.
However sophos detects ML/PE and PUA´s in that path and begin clean that "threats".
I´ll raise a Labs request this files as soon as possible because i cannot install sophos in this production server till solve this issue.