(All) Live Discover & Response Query Forum

Hello Sophos Team, I wanted to know if there is any query capable of validating the installation of a specific KB of Microsoft Office on Windows computers, whether it is a monthly update or security update. The purpose of this query is to verify...

Hi folks, apparently the "Logs & Reports" in our sophos central dashboard has been updated. Unfortunately at the top we lost our scheduled reports which we could customize with the little pin icon. Surprised that Sophos went live with such update...

Hello Sophos Team, I wanted a live discovery query that would retrieve the version of any software installed on macOS machines in my environment, as well as the hostname / IP of the machines. The purpose of this query is to verify and patch all programs...

Similar to the Threat Indicators report in Central today, this query evaluates the machine learning and reputation scores to provide a list of the most suspect executables observed in the environment with the added benefit that customers can fine tune...

This query will detail network activity for a defined Sophos Process ID -- Data Lake show network activity for defined Sophos Process ID -- VARIABLE $$sophos_pid$$, SophosPID WITH split_pids AS ( SELECT x2.new_pid, x1.* FROM xdr_data...