This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Scanning exclusion for malicious behavior false positive

Sophos Ultimate beta version 0.7 detected a false positive " 'Lockdown' malicious behavior prevented in GFI LanGuard Patch Agent Module"

This is a legitimate application used by MAX remote management to apply Microsoft and other 3rd party software patches.  I am unable to locate additional details in Sophos Central about the executable file that was prevented from running.

How do I navigate through Sophos Central to find the executable file that was blocked? 

Which of the two methods in Central do I use to exclude the application / executable?

1. Scanning Exclusion

2. Exploit Mitigation Exclusion



This thread was automatically locked due to age.