This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Authorize unspecified PUA

Hello!

Im currently adding authorizations for harmless files in our Sophos Enterprise Console.

I do it by the authorization-option in the respective Antivirus and HIPS policy.

The problem here is, not every Adware/PUA is specified therefore may not be listed as "known Adware/PUA" and is more generally categorized under "Generic PUA xx".

I dont want to allow every Generic PUA of the category the wanted Adware/PUA is associated with as you might understand.

Now, is there a way to specify an unspecified Adware/PUA so i can allow it without allowing other potentially harming Adware/PUA with it?

Thanks for your help



This thread was automatically locked due to age.
  • Hello RenéGagneur,

    it's always a good idea to send a sample for generic detections. Indeed you should avoid authorization of generic entries. It's possible to whitelist a file or refine the generic detection (and often this is done so you don't have to authorize the PUA category permanently).

    Christian