Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 14 subscribers
  • Views 869 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Alarm Naming Proposal for HMPA

ong! L

I recently discovered that HMPA blocking certain malicious behaviors can already trigger a Cleanup, and I have a suggestion to change the HMPA blocking prompts to be more aptly named based on the MITRE ATT&CK architecture, as in the behavioral defense module developed by sophos itself.

Here are some hypothetical names for HMPA blocking, to better fit the MITRE ATT&CK framework and the self-developed Behavioral Defense nomenclature:

Exec_SysCallX64 (T1106)
Impact_CryptoGuard (T1106)
Exec_HollowProcess (T1055)

This is just a friendly offer. Thank you.



This thread was automatically locked due to age.
Parents
  • 0

    Hello Ong,

    Thank you for reaching out to the community forum.

    We appreciate the input you've shared to improve our product. I suggest you raise this idea as a feature request with your account manager so they can share this suggestion with our internal team. 
    Setting your expectations: Not all suggestions under feature requests can be implemented, as our team needs to scale the request's value according to its impact as a whole. 

    Once again, Thank you for sharing this idea, and don't hesitate to share it with us when you have one in the future. Have a good day ahead, Slight smile

    Glenn ArchieSeñas (GlennSen)
    Global Community Support Engineer

    The New Home of Sophos Support Videos!  Visit Sophos Techvids
Reply
  • 0

    Hello Ong,

    Thank you for reaching out to the community forum.

    We appreciate the input you've shared to improve our product. I suggest you raise this idea as a feature request with your account manager so they can share this suggestion with our internal team. 
    Setting your expectations: Not all suggestions under feature requests can be implemented, as our team needs to scale the request's value according to its impact as a whole. 

    Once again, Thank you for sharing this idea, and don't hesitate to share it with us when you have one in the future. Have a good day ahead, Slight smile

    Glenn ArchieSeñas (GlennSen)
    Global Community Support Engineer

    The New Home of Sophos Support Videos!  Visit Sophos Techvids
Children
No Data
Unfiltered HTML