Interesting Windows Event IDs - Malware/General Investigation
Created: 22 May 2019
This KBA lists Event IDs generated by Windows that are helpful during investigations of RDP attacks or common malware.
How to Collect Windows Events Logs using AttackLogs.XML
Created: 21 May 2019
Custom Windows EVT log view for use in malware investigations.
CVE-2019-0708: Remote Desktop Services remote code execution vulnerability (known as BlueKeep)
Created: 15 May 2019
This article covers information about CVE-2019-0708 and its impact on Sophos products and customers.
Sophos Wireless Access Point: How to do a site survey
Created: 3 Mar 2019
This article describes how to do a site survey and emphasizes its importance before deploying Access Points (AP).
Sophos Support: Learn how to contact your support team, get alerted and be informed
Created: 11 Jan 2019
This article outlines the various ways to get support for Sophos Products, keep up to date with the latest Sophos news and alerts, and links to our documentation materials.
HTTPS Decrypt and Scan FAQ
Created: 26 Oct 2018
This article provides information regarding HTTPS scanning.
Determine Last Shutdown/Startup Time and Type
Created: 17 Oct 2018
This KBA helps to find out when a Windows machine was last shut down or rebooted. It also helps to find the machine's startup type, i.e. Normal or Safe Mode.
How to Create a Self Signed SSL Certificate with Windows Server
Created: 24 Jul 2018
This article walks through how to create a self-signed SSL certificate using IIS in Windows Server 2012.
How to Verify if a Machine is Vulnerable to EternalBlue - MS17-010
Created: 14 May 2018
Determine whether a host system is patched with the critical Microsoft patch MS17-010.
Mal/Generic-R detections explained
Created: 23 Jan 2018
A detection for Mal/Generic-R indicates that the file has a low Reputation (R).