Hello,
A client of ours has to download updates from their ERP software regularly and recently Sophos Endpoint has began flagging it as a PUA, we allowed the hash on the global exclusions, but as we know, each update would have a different hash.
Is there a way a can allow downloads from the website provided by the supplier to download the updates, or check the product name on the file proprieties, so it wont be scanned and consequently blocked?