Dear Team,
Can we Block Batch file execution or Command Prompt through Sophos Endpoint Protection?
If yes then Kindly provide a KB article.
This thread was automatically locked due to age.
Dear Team,
Can we Block Batch file execution or Command Prompt through Sophos Endpoint Protection?
If yes then Kindly provide a KB article.
Hi Shashank,
Thanks for reaching out to the Sophos Community Forum.
It is not currently possible to block batch file execution, though you will remain protected from malicious batch files. With the behaviour-based scanning from Intercept X, if a batch file begins disabling key security features or downloads malware from known malicious sites, the processes will be stopped.
Command Prompt is not currently listed as a controlled application, it is not possible to block CMD through Sophos Endpoint. With that being said, the same behaviour-based scanning will still be in place; should malicious commands or operations be triggered via CMD, they will be blocked as well.
I was able to locate a GPO which will allow you to block CMD specifically:
Hi Shashank,
Thanks for reaching out to the Sophos Community Forum.
It is not currently possible to block batch file execution, though you will remain protected from malicious batch files. With the behaviour-based scanning from Intercept X, if a batch file begins disabling key security features or downloads malware from known malicious sites, the processes will be stopped.
Command Prompt is not currently listed as a controlled application, it is not possible to block CMD through Sophos Endpoint. With that being said, the same behaviour-based scanning will still be in place; should malicious commands or operations be triggered via CMD, they will be blocked as well.
I was able to locate a GPO which will allow you to block CMD specifically: