Hello everyone,
I have a question. Some of your users needs to run a Python script (through VBA, command prompt or Python prompt). At the moment it gets blocked by Sophos. What's the best way to tackle this problem and allow this script to be run?
Jo
Hi Jo Vanattenhoven ,
Thank you for reaching out to our Community forum.
Depending on the type of detection, you can try setting up exclusions for these. Kindly share a screenshot of the detection, so we can advise further on what type of exclusions you need to configure.
I've added a screenshot. Can this help?
U suppose I'll need to add an exception for this, maybe based for 1 device?
I've added a screenshot. Can this help?
U suppose I'll need to add an exception for this, maybe based for 1 device?
Hi Jo Vanattenhoven ,
Thank you for sending the screenshot.
If this is a false positive, looking at the Event details, if the DetectionID or Thumbprint never changes, you can exclude it from the exploit detection using the Detection ID. This will work if the behavior is identical every time, with all file names and file paths being the same.
If this doesn't work, you can also try to use a threat protection policy to exclude Windows applications from protection against security exploits. You can then add the policy to the users and devices where the exclusion is necessary.
Steps for configuring these exclusions are mentioned in the following article:
Stop detecting an exploit
Please keep in mind that we do not suggest excluding any applications from any of our protection methods unless you fully trust the application.
