We have a terminal server running Sophos Intercept X Essentials. This now also reported a detected manipulation of the browser and provided corresponding information. How do you deal with this? Do you always report these reports to the Sophos team or do you restart the devices and perform a deep scan and check off the potential threat as a false alarm?
I just closed a case, but I'm wondering if this is something that happens often and how to resolve these issues responsibly.
Edit Tags
[edited by: GlennSen at 4:43 AM (GMT -7) on 25 Mar 2024]
