I recently discovered that HMPA blocking certain malicious behaviors can already trigger a Cleanup, and I have a suggestion to change the HMPA blocking prompts to be more aptly named based on the MITRE ATT&CK architecture, as in the behavioral defense…

Currently, there is no pop-up alert for blocking controlled items. Will the next version add a switch for this alert, just like the alert for found viruses?

I’m facing issues where Sophos is not triggering alerts for certain security events that I believe should be flagged. Despite having the correct alert settings configured and running routine scans, some critical threats or suspicious activities are not…

This is the most useless message. Where in Central can you view what specific applications are in quarantine? On the rare occasions where it does actually list the file as an alert, you can't even issue an instruction via Central to remove the offending…

Hello everyone, are there currently any problems with the detection page? The last detection I am seeing now is from yesterday 1 PM. Usually i see a lot of 4625 (failed logins) in the morning. Best regards, Jonas

Hello, so far i havent been able to get email alerts from Sophos Central as i would like to. Only alerts i am getting are basicly from firewall when gateway is up and down and those are actually low and high alerts. Why i am not getting alerts about…

Hello everyone, is there a built-in option to get SMS-messages for Sophos Central alerts?

Hello everyone, We are not receiving anymore the new investigation notification since 25-10-23 and we did no changed anything. I see that there is changes with case and investigation which is legacy now. We also checked in Threat analysis center …

I cannot find any way to send a test mail from Sophos Central.

We are using Sophos Central Endpoint Security and is there a way to send email alerts from the alerts generated by the Sophos Threat Analysis Center? Thanks.

Hello everyone, Is it possible to set up an email alert for high risk XDR detections (no MDR-costumer) ? I am talking about the detections in the "Threat Analysis Center". For example, I want to be informed if a risk 6 or higher detection was found…

Hallo zusammen, habe leider nichts gefunden und muss euch fragen. Kann man in der Central eine Benachrichtigung einstellen, wenn an der Konfiguration etwas geändert wurde (durch einen 2. Admin z.b.) Ich sehe es in der Central im Überwachungsprotokoll…

Hey there, For the last few months, we have been getting lots of alerts that say the following: "Device failed to update because it does not support Azure Code Signing. See knowledge base article" As i understand it, sophos changed something…

Hi everyone I need to receive real-time alerts from my devices that have the sophos agent installed. All alerts (high priority and alerts) How can I enable it in my central admin? i created a custom rule like from the picture Thank you

We continue to experience VERY poor support. Techs seem unable to review the ticket and notes before asking questions already answered. We've yet to have an experience with Support where our issue is addressed by someone able to solve the issue. Opened…

Apr 10, 2023 12:25 PM 'https://142.251.16.132/' blocked due to category 'Advertisements & Pop-Ups' What happened: We made more than 100 detections in 24 hours. Where it happened: WRET1675 A couple of weeks ago I made a change to allow…

Simple question but I cannot find the setting in Central: Where can I enable mail notification for virus found on endpoint? Currently Sophos Central is sending mails mostly for things we don't care about. If malware was found - total silence, not…

Hi, When in Sophos Central, looking at the alerts, there are no timestamps shown. However, there is a row with {{$$scope.formatTime($$row.when)}}, which I pressume is the timestamp of the alert. What can be done to solve this, so {{$$scope.formatTime…

Hi All, A bit of a newbie question I suspect, but here goes anyway. We manage lots of computers across numerous schools from Sophos Central. We have some computers that are reporting a status of "Failed to protect", which I suspect is because they never…

The email notification to report that Sophos has release a product update points to " ">central.sophos.com/.../controlled-updates" instead of " ">central.sophos.com/.../controlled-updates-server" 

I would like to exempt a select few devices from the requirement to check in, as we have some computers that sit on the shelf powered off and disconnected until a user requires them, as well as some meeting room laptops that are not regularly used. These…

Good Morning! I've been having a problem for a while and I receive the endpoint alert emails, could you help me?

When an endpoint in Sophos Central shows an out-of-date device that needs updated... Is it better to force an update through Sophos Central Admin Dashboard or wait till it checks for updates automatically on the scheduled day/time? Any suggestions or…

Rather than having to go to Email Security Dashboard / Reports / Data Loss Prevention Policy Violations and look at the log, I'd like Sophos Central to send me an email when it detects a violation. I don't see an option to generate an email.

We used to use SEC and this all worked fine. We mainly used to use Email notifications to monitor when users were plugging in USB devices, and it also used to send us an email detailing which files had been copied. When we moved to Sophos central, it…