Sophos Ultimate beta version 0.7 detected a false positive " 'Lockdown' malicious behavior prevented in GFI LanGuard Patch Agent Module"
This is a legitimate application used by MAX remote management to apply Microsoft and other 3rd party software patches. I am unable to locate additional details in Sophos Central about the executable file that was prevented from running.
How do I navigate through Sophos Central to find the executable file that was blocked?
Which of the two methods in Central do I use to exclude the application / executable?
1. Scanning Exclusion
2. Exploit Mitigation Exclusion
This thread was automatically locked due to age.