Hello everyone, I have configured DLP policies for one of our clients, they work as expected. There is just one remark our client gave us : Sometimes if a user does the same action repeateadly, generating alerts every time he does that action, that…

Hello, We have a Sophos Central account with about 150 computers and 25 servers. XDR is used. The licences have currently been active for about 8 days, but no detections have been displayed so far. Could it be that nothing has been detected so far and…

Is Sophos CPU history recorded in Data Lake?

Hi! I wanted to know if there is a way to download the list of users and the serial numbers of the computers assigned to them. From what I've seen in the reports section, it doesn't allow modifying the columns. Do you know if it's possible to download…

I have identified a problem with Sophos Encryption, and I need to do a validation before bringing it up with Support as an issue. I can run a powershell command (as seen below) to find the encryption status however it doesn't tell me that it was Sophos…

Hi Sophos, I can't get the Application Control policy to block Proxy / VPN Tools. I've tried to edit the Base Policy as well as create a new policy and neither seem to work. See the attached image. I have tried selecting all VPN / Proxt Tool objects…

Sophos Endpoint running reliably in our environment for 5-ish years. There is a message / cache server on-prem that supports our clients, and we've had no major issues. All Dell Latitude / OptiPlex equipment. In this specific example, I'm using a Latitude…

Buenos Día comunidad, Alguien sabe ¿cuál es la diferencia entre ID de modelo e ID de instancia? al crear excepción de periféricos . Muchas gracias.

Hello, we decided to activate the file protection option in Sophos Device Encryption. What type of encryption is being used within the HTML5 Containers ? BR

Hi, Anyone knows how to configure Sophos DLP, or other tool, to check fields To, CC, Bcc for existing multiple external domains? Example: TO: cccc@gmail.com;bbbbb@hotmail.com In cases when more than one external domain is fond, stop to send e-mail…

Hi is there a managed exclusion List for the Endpoint SSL/TLS Decryption module? I only found the possibility to add custom URLs as exclusion. We use Sophos Firewall as well and there is the URL Group " Managed TLS exclusion list" with a bunch of…

One more question, how to customize the tamper protection password?

As residents of Saudi Arabia, SAMA provides us with YARA rules for threat detection. How can we effectively create and implement our own query within Sophos Central to scan for these YARA rules? What are the best practices and challenges associated…

Hi, We've recently moved to a hybrid setup for our Windows devices (local active and Intune). Many devices have successfully fully setup but most have not. They are registered with Intune and show compliance, however we have found that those not working…

Hello, I would like to suggest an improvement to the Peripheral Control Policy by adding a note/comment field where we can enter a text justifying the exception. I have “old” exceptions for USB sticks/disks that I can't remember what/who they were…

Hi, Is there any osquery to get all the domain-joined machines where the "Domain Users" group is added to the "Remote Desktop Users" local group?

Hello community, How can I decontrol a specified category for a user or user group ? Best regards, Thomas

We have a situation that's causing some annoyance with both our IT Engineers and our Information Governance staff, and its all to do with the DLP alerts to Admins when a user may be breaking our policies. I've looked at the Custom Rules for Admin email…

Hello, I am currently using Sophos Endpoint Protection Intercept X Advanced in the company network. Is it possible with Endpoint Protection to block USB interfaces for storage media such as USB sticks or external hard drives? So that only approved USB…

Hello, I have a Windows 11 Pro Client that has a Sophos Endpoint Protection Client installed. But in Sophos Central the client is not listed any more. When I start an update on the client manually, there comes an error. I can´t find any way to…

Hi, I have read through these forums and also some FAQ's and everything I have tried hasn't worked. The SOPHOS administrator has been unable to recover the key, so this problem has been dumped in my lap. Does anybody have a method they have successfully…

I have a hash like: 6ea2c9276c122222222222f9ae2 i want to search on the clients for this hash. is there a posibility to search with Sophos EP?

Hello there, I am trying to block TLDs in Sophos Central using Website Management—Add Website Customisation, and instead of putting many domains with a malicious top domain, I would like to be able to block this particular domain. What should I…

Hi all, I have installed Sophos EP in client and it's possible to control "no internet access and only the website that allow from Sophos Central" ? or can block all http and https from Sophos Central ?

Dear Team, Can we block a content in a file such as adhar card number sent in a file or so.