Sophos Endpoint

Discussions Detections Many Level 4 messages

Sophos Endpoint requires membership for participation - click to join

Thread Info

State Not Answered
+1 person also asked this people also asked this
Locked Locked
Replies 1 reply
Subscribers 13 subscribers
Views 3385 views
Users 0 members are here

Options

Suggested

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Detections Many Level 4 messages

Andrzej Kozlowski 11 months ago

Hello,

Just upgraded my license to XDR and now under detections I see many level 4 warnings like:

SRP path rules missing.
Secure boot supported but not enabled.
DEP is not Admin Opt-out or Always-on.
Applications with special compatibility set for an executable.

I assume that I can safely filter them out. What is the recommendation for Risk Level to be checked ? Is it level 5 fine ?

This thread was automatically locked due to age.

0 Qoosh 11 months ago

Hi Andrzej,

I was able to locate some additional information on this in the following Release Notes & News blog
- XDR - Detections

When searching for some of the detections you're seeing, I am able to locate further guidance on how each can be resolved.
- SRP Path
- Enable Secure Boot
- Turning DEP off or on

Applications with special compatibility set will need to be investigated a bit further to determine which applications are affected. You can then reach out to the vendor of the app to inquire if the special compatibility set is required, or if there is an updated/more secure version of the app available.

Kushal Lakhan

Team Lead, Global Community Support
Connect with Sophos Support, get alerted, and be informed.
If a post solves your question, please use the "Verify Answer" button.

The New Home of Sophos Support Videos! - Visit Sophos Techvids
Cancel
Vote Up 0 Vote Down

Cancel