I'm running 0patch for hot patching. After activating 'Active Adversary Mitigations' the 0patch Service is blocked mentioning "CredGuard" in the events on the PC itself.
Unfortunately in Sophos Central there is only reported that a malware is active or couldn't be cleaned.
Trying to create an exception I had to exclude the process as the exploit does not show up in the exploit list. But creating an exception for the process doesn't change the behaviour.
What can I do to create a working exception? Why does the exploit not show up in Sophos Central?
I should mention that I'm taking part in the EDR beta and have other versions installed. Maybe this is important.
This thread was automatically locked due to age.