Application Control Updates Pre-release Notice
The following have been identified as applications that would benefit from some level of control and will be added to the existing list.
Note: These applications will be automatically blocked for customers who have enabled the following optional setting in their Application Control policy for either Sophos Central or Enterprise Console:
- Sophos Central: New applications added to this category by Sophos
- Enterprise Console: All Added by Sophos in the future
If you don’t want new applications to be automatically blocked the above setting can be disabled.
This is a notification for the latest Application Control 6.02 data update, which is currently planned to be rolled out on the 4th July 2023. Occasionally the list changes slightly before the release date, there will be a follow-up update on the release date to confirm it has been released.
| Application name | Type | Owner |
| RAD Studio | ProgrammingScriptTool | Embarcadero Technologies, Inc. |
| Techsmith Capture | ScreenCapTool | techsmith corporation |
| Sysinternals Process Suspender | SystemTool | Microsoft Corporation |
| Autodesk Access | SoftwareUpdater | Autodesk Inc. |
| DWService Agent | RemMan | DWSNET |
| PingTunnel | Proxy | Daniel Stodle |
| Gener8 Update | Browser | Gener8 Ads Ltd. |
| RG Supervision | SystemTool | RG System |
| Torrent RT | P2P | Torrent RT |
| MobaXterm | RemMan | Mobatek |
| macOS | ||
| ScreenPal | ScreenCapTool | ScreenPal |
| Techsmith Capture | ScreenCapTool | TechSmith Corporation |
| Migration Assistant | SystemTool | Apple Inc. |
IMPORTANT -
MobaXterm for Windows is a toolbox for remote computing. It provides remote network tools like SSH, RDP, VNC etc.. MobaXterm is portable remote access/Admin package. Sophos already has AppC detections for many of similar components by other vendors like VNC, PUTTY etc..
We are increasingly seeing threat actors using remote access tools as part of the attack chain, to connect back out of a compromised machine. Sophos is planning to add AppC detection for MobaXterm application. MobaXterm will be categorized as Remote management tool and will be published in this release. Customers who want to continue to use this application in their environment, please modify your application control policy to allow MobaXterm.
NOTE: Due to Holiday in US on 4th of July 2023, this list of application will be released on 5th July 2023.
For information on configuring Application Control please review these links:
- Complete Controlled Application list: Controlled Applications
- Sophos Central managed: Sophos Central Application Control Policy
- Sophos Enterprise Console managed: Enterprise Console Application control policy
- For frequently asked questions: Application Control Frequently Asked Questions (FAQ)