Before using Host Intrusion Prevention System (HIPS) runtime behavior analysis for the first time, pre-authorize the legitimate programs and files that are already on your network.
Legitimate programs may include installers and update tools. Legitimate files may include spreadsheets with macros enabled and other files that are commonly used to spread malware.
The following sections are covered:
Applies to the following Sophos products and versions Sophos Endpoint Security and Control
When developing in-house software programs please attempt to be as clear as possible about the origins of the applications. Try to include well-formed resource information wherever possible and resist using packing software commonly associated with malware.
Sign up to the Sophos Support SMS Notification Service to get the latest product release information and critical issues.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.