The Sophos Community will be offline for scheduled maintenance this Saturday, May 27th, at 13:00 UTC for approximately 1 hour. Apologies for any inconvenience caused.
"Wanna" ransomware outbreak. Please see this Sophos article sophos.com/kb/126733 for advice on how to protect your organization. Immediate action recommended.
Endpoint Security and Control provides two forms of suspicious detection:
Note: When Endpoint Security and Control is first installed, suspicious behavior protection is in alert only mode.
When blocking of suspicious behavior and files is enabled, Endpoint Security and Control will
However, Endpoint Security and Control will only indicate that the file or behavior may be a threat, as in some cases it may turn out to be a clean and legitimate file. You will need to look at the file and determine whether you want to continue to block it, or to authorize it.
Do one of the following:
For more information about how to configure the scanning and detection of suspicious behavior and suspicious files, and how to authorize or block these programs and files, refer to the Enterprise Console help.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. If you need technical support please post a question to our community. Alternatively for licensed products open a support ticket.