I wanted to get some ideas on how we can prevent a potential issue like that recently discovered with MacAfee’’’’s false positive.
I will list below what I am doing and would like to get feedback on what others are doing.
1) I have multiple groups within the Sophos console containing pilot and production machines.
2) I have multiple polices that I keep in sync except for AV version.
3) I keep the pilot machines on the "recommended" setting in the policy.
4) The production machines stay 1 version behind which at this time is 9.0.5 VDL4.52 for at least 1 week.
5) If nothing happens to my pilot machines, nothing is reported in the news and there is nothing in posted in this user community I rollout the latest version to production.
Can anybody post their processes or comment on my processes?
thanks
Quote