This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

[Latest KB's] Sophos Intercept X: How to deal with CredGuard Detection

Hey Community,

Credential Guard or commonly known as Credential Theft Protection is a component of Sophos Central Intercept X and Exploit Prevention. 

LSASS(Local Security Authority Sub System) is a process in Microsoft's Windows Operating Systems which is responsible for enforcing the security policy on the system. It verifies the validity of the users logging to a machine/server, manages passwords and is responsible for generating access tokens.

Credential Guard shields the LSASS(lsass.exe) process against injection and force read access from unauthorized process. It has been designed specifically to prevent any attempt of harvesting or stealing user credentials directly from memory.

Please visit this KB article for more information.

Regards,



This thread was automatically locked due to age.