This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Authorize unspecified PUA

Hello!

Im currently adding authorizations for harmless files in our Sophos Enterprise Console.

I do it by the authorization-option in the respective Antivirus and HIPS policy.

The problem here is, not every Adware/PUA is specified therefore may not be listed as "known Adware/PUA" and is more generally categorized under "Generic PUA xx".

I dont want to allow every Generic PUA of the category the wanted Adware/PUA is associated with as you might understand.

Now, is there a way to specify an unspecified Adware/PUA so i can allow it without allowing other potentially harming Adware/PUA with it?

Thanks for your help

This thread was automatically locked due to age.

Parents

0 QC over 8 years ago

Hello RenéGagneur,

it's always a good idea to send a sample for generic detections. Indeed you should avoid authorization of generic entries. It's possible to whitelist a file or refine the generic detection (and often this is done so you don't have to authorize the PUA category permanently).

Christian
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 QC over 8 years ago

Hello RenéGagneur,

it's always a good idea to send a sample for generic detections. Indeed you should avoid authorization of generic entries. It's possible to whitelist a file or refine the generic detection (and often this is done so you don't have to authorize the PUA category permanently).

Christian
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data