• Memory_1b (mem/xworm-a) Detected. Any Idea what might be the cause?

    Jimmy Mabedi
    Jimmy Mabedi
    Several computers have the alert 'Memory_1b (mem/xworm-a)'. It Says Manual malware cleanup required: 'Memory_1b (mem/xworm-a)' at 'c:\Program Files\Sophos\Sophos UI\Sophos UI.exe'. The following are the details of the alerts. Detection type: Behavioral…
    • Answered
    • 25 days ago
    • Sophos Endpoint
    • Discussions
  • low reputation app

    tan79
    tan79
    Hello, I already sent the sample file several times, but never get any feedback. my app remains low reputation. Please check this case. Thank you.
    • 28 days ago
    • Sophos Endpoint
    • Discussions
  • Prevent malicious network traffic with packet inspection (IPS) with Microsoft Global Acces

    Shay Hanya
    Shay Hanya
    Hi When I enable the "Prevent malicious network traffic with packet inspection (IPS)", the Microsoft Global Acces stop working (microsoft ztna). Anyone knows why? Shay
    • 1 month ago
    • Sophos Endpoint
    • Discussions
  • Sophos Endpoint Agent blocks GIMP 3.0 RC1

    Noneof Yourbusiness
    Noneof Yourbusiness
    I wanted to test GIMP 3.0 RC1 but Sophos always blocks the start It then shows: averted harmful behaviour 'Lockdown' Gimp installer link: download.gimp.org/.../gimp-3.0.0-RC1-setup.exe
    • 1 month ago
    • Sophos Endpoint
    • Discussions
  • intercept X Adv Agent does support or not

    Pradeep M
    Pradeep M
    Dear Team, Could you please help clarify whether the Sophos Intercept X Advanced agent supports Windows 7 and Windows Server 2012?
    • Answered
    • 1 month ago
    • Sophos Endpoint
    • Discussions
  • How to interpret Event::Endpoint::CorePuaClean - manual cleanup needed or not?

    Robert_Smith
    Robert_Smith
    would like to understand when manual cleanup is needed via API events/alerts alone this field in API events/alerts I am not clear on: Event::Endpoint::CorePuaClean 'result' API RESULT UNDERSTOOD: {"items":[{"descriptor":"C:\\Users\\SOMEUSERNAME…
    • 1 month ago
    • Sophos Endpoint
    • Discussions
  • MDR Appliance

    GUARDIAN SOC
    GUARDIAN SOC
    We have an MDR virtual appliance deployed. We are looking at installing physical MDR "mini-servers" at other sites. We haven't been able to find any information related to this. Is this an option? Any related advice or best practices for deploying these…
    • 1 month ago
    • Sophos Central
    • Discussions
  • Sophos Central support on Arch Linux

    Warren Bondoc
    Warren Bondoc
    Does Sophos Central Endpoint/Server support Arch Linux platform? Thanks!
    • Answered
    • 1 month ago
    • Sophos Central
    • Discussions
  • Deploy Intercept X and get rid of other endpoint solutions in AD domain

    Andrej Pirman
    Andrej Pirman
    Hi, I am considering to replace existing Endpoint Security products (Webroot, ESET and Panda) with Sophos Intercept X on a dozen of customers. They all run Windows AD environment, most of clients are desktops in local domain. Is there any reliable automtion…
    • Answered
    • 1 month ago
    • Sophos Endpoint
    • Discussions
  • #IDEA - Reports - Data Loss Prevention

    Bruno Neris
    Bruno Neris
    Hello everyone. I would like to suggest a new idea. In DLP reports for (Endpoints) and (Email). We noticed that the report does not show the column (Rule Content), the content of the rule, only its name. We would like to suggest as an idea…
    • 1 month ago
    • Sophos Central
    • Discussions
  • Sophos Intercept X Version

    DavidGorman
    DavidGorman
    Hi all, How can I check the version of Sophos Intercept X installed on the devices? E.g. how can I check this information. The device tab just tells me if they are up to date, but not the actual version Core Agent: 2024.2.4.1.0 Sophos Intercept…
    • 1 month ago
    • Sophos Endpoint
    • Discussions
  • Mal/EncPk-AQQ - Malware alert

    Raza Mirza
    Raza Mirza
    Hi, in our environment there are alerts raised about Mal/EncPk-AQQ related to googleupate.exe & updater.exe (version 132.0.6806.0) as Malware, when searched about the Mal/EncPk-AQQ there is no information in sophos forum, request you to kindly advise…
    • Answered
    • 1 month ago
    • Sophos Central
    • Discussions
  • Sophos Endpoint Protection no Full Disk Access even after deploying configuration profiles

    IT MEAP
    IT MEAP
    Hey, I've been trying to grant Sophos Endpoint Protection full disk access via a configuration profile in multiple ways. I tried: Using the profiles provided by Sophos, Creating my own profiles using an older tutorial from Sophos ( Sophos Community…
    • 1 month ago
    • Sophos Endpoint
    • Discussions
  • Web Control Policy works in Edge not in Chrome

    Damian Kowalik
    Damian Kowalik
    Does anyone know why some browsers can access ChatGPT, but others cannot after a web control policy prohibiting access to it has been created? We do make use of Google Chrome and Microsoft Edge. Google Chrome does not ban the ChatGPT website, however…
    • 1 month ago
    • Sophos Endpoint
    • Discussions
  • SURF- SELF HELP TOOL

    Ahmed Khalil Abidi
    Ahmed Khalil Abidi
    The SURF tool is still available to download or use for partners?
    • Answered
    • 1 month ago
    • Sophos Endpoint
    • Discussions
  • How to deploy Sophos XDR endpoint protection and antivirus in offline environments?

    Hongbo Xia
    Hongbo Xia
    Hi team, The customer has purchased Sophos XDR for 400 terminal PC users, but all the terminal PCs cannot access the Internet. Based on this situation, how can the user computers use the endpoint protection function, how to deploy the agent, and use…
    • Answered
    • 1 month ago
    • Sophos Endpoint
    • Discussions
  • Sophos endpoint performance issues with 24H2

    Joe Amer
    Joe Amer
    Hiya, I am weirdly experiencing major hits to performance on a veriety of high end Windows surface devices following the 24H2 feauture update. I initially felt as if it was windows itself doing this but, upon testing, it seems to disappear when removing…
    • 1 month ago
    • Sophos Endpoint
    • Discussions
  • Sophos certificate error || 0365 error

    SatyabrataB
    SatyabrataB
    Hi, we are getting below error i have added Sophos certificate to the trusted certificate of windows but no luck also i have followed sophos KB article again same problem.if i removed endpoint from that machine error is not showing.
    • 2 months ago
    • Sophos Endpoint
    • Discussions
  • Sophos Central Server Protection and Citrix PVS Image

    Sebastian Pilz1
    Sebastian Pilz1
    Hi all, I'm looking for instructions on how to install Sophos Intercept X with Citrix PVS services. The instructions I've already found all want to disable certain Sophos services to delete the machine_id file, and that's where the problem comes in…
    • 2 months ago
    • Sophos Endpoint
    • Discussions
  • Data Loss Prevention Policies - How to configure alerts to not generate a new alert for the same event in specified amount of time

    Ugo Marzola
    Ugo Marzola
    Hello everyone, I have configured DLP policies for one of our clients, they work as expected. There is just one remark our client gave us : Sometimes if a user does the same action repeateadly, generating alerts every time he does that action, that…
    • Answered
    • 2 months ago
    • Sophos Endpoint
    • Discussions
  • Ubuntu Linux Server high CPU for hours osqueryd.4 at 100%

    LHerzog
    LHerzog
    We have a 4 core VM with Linux SPL Agent 2024.2.1.2 4 regular processes run and each run intended at 100% - usually. Currently Sophos osquery.4 is consuming 1 core at 100% so the other 4 processes run at about 75% only, slowing down calculations of…
    • 2 months ago
    • Sophos Endpoint
    • Discussions
  • ChatGPT file uploading does not work due to Sophos EndPoint

    Rafael Telles
    Rafael Telles
    I have been using Sophos EndPoint for about 3 years and using ChatGPT for about a year. Everything has been working fine until about 4 to 6 weeks ago when all of the sudden staff in our office cannot upload files to ChatGPT. I wasn't sure what is was…
    • 2 months ago
    • Sophos Endpoint
    • Discussions
  • sophos agent is not updated

    Shay Hanya
    Shay Hanya
    Hi After installing Sophos agent, the agent is not communicating with central. I put the password in the agent, after that I can not select the 4 hours disabled protections. When I disable the temper protection, but the agent is not communicating…
    • 2 months ago
    • Sophos Endpoint
    • Discussions
  • Remove Intercept X Essentials completely on macOS

    Rob Coenen
    Rob Coenen
    Hello, A customer of ours had an old MacBook and transferred it, via Apple's migration assistant, to a new MacBook. Now today I wanted to install Sophos Intercept X Essentials but the installer indicated that the product was already installed. However…
    • 2 months ago
    • Sophos Endpoint
    • Discussions
  • Sophos Central Detections

    admin_idl
    admin_idl
    Hello, We have a Sophos Central account with about 150 computers and 25 servers. XDR is used. The licences have currently been active for about 8 days, but no detections have been displayed so far. Could it be that nothing has been detected so far and…
    • 2 months ago
    • Sophos Central
    • Discussions
>