I'm doing a POC with CrowdStrike and on the test computer we received a file that was detected as (RegistryPersistEdit) by CrowdStrike's machine learning. Sophos detected nothing and let the file make changes to the Windows registry. Sophos machine learning doesn't work? This is worrying. I have a ticket where I sent the sample file (07062400).