Hi Sophos.
Cryptoguard has a function to roll back data encrypted when it detects encryption behavior by ransomware.
I'm testing how endpoints roll back data. The problem is when I exploit ransomware (like wannacry), the endpoint detects and blocks malware before it encrypts data. What environment do I have to prepare to test Sophos endpoint roll back data.
This thread was automatically locked due to age.