I have been using Sophos EndPoint for about 3 years and using ChatGPT for about a year. Everything has been working fine until about 4 to 6 weeks ago when all of the sudden staff in our office cannot upload files to ChatGPT. I wasn't sure what is was…

Hi, we are a new partner coming from an ESET ecosystem, looking to replace it with Sophos for our customers, since we are using XGS and it makes sense to integrate Endpoint as well. While testing Intercept X in our environment first, my developers…

Hi, We have a Sophos Intercept-X user that has problems running End of Month reports via Excel in a certain CRM application. He is the only user requiring this functionality. We have tracked the issue down to being a .XLL (I assume that is an Excel…

Hi all, i've got a false-positive outbreak detected on one fileserver. There're around 100 Items in Quarantine - alerts spread over 6 pages in Events-Section in central. i went through that list multiple times but was able to release 95 elements from…

Hi guys, Is it possible to block certain files when they are executed? For example, block all .EXE files when they are clicked

Hi! I just found a bug in the Sophos Central dashboard and could not find it in the known issues list. Here's how to replicate the issue: 1. Create an exclusion of the type "Exploit mitigation", choose an application and deactivate at least one of…

What is your company's policy regarding the operation of endpoint protection for software developers? I like Sophos Endpoint Protection, but the software developer environment is a headache. Our anti-threat policy has been so badly written that exceptions…

Hello, recently we've had multiple issues that Intercept X prevented installation or execution of software because it suposedly prevented "Lockdown". It likes to block our remote maintainance software because of this, and today I was unable to install…

Hello, we have a problem with the feature “Protect network traffic”. We are using a terminal server, on which employees work with a program that uses EWS to send mails. We now have the problem that Sophos blocks the automatic login process via the…

We need to exclude some files from Sophos File Scanner on network drives. Lets say we have mapped drive N:\ with \\server1\share1 I tested access and logged with procmon and SFS debug logs, what is scanned, when opening N:\file1 I can see \\server1…

Hi all, I would like to know onething Sophos InterceptX Advanced EP can do skip scanning below these. > Some folders/files in server : if don’t want to scan.(File type is x.raw and other proprietary formats).

Hello, i would like to add a File-Exclusion rule for multiple filetypes and one specific path. Do i need to add multiple exclusions for each filetype or can i just create one rule for all? Here is an example: "C:\Test\Folder\*.txt,*.zip,*.abc…

We have an application that is found safe from Sophos Labs Team. How would I exclude it in Central? I have disabled all features on the endpoint as a test and it is still detected. Excluded the process path. No luck. Mitigation DLLHijack Policy…

Hi Sophos, We are receiving what we believe to be false positives with a piece of software at use in our ogranisation. This software is triggering an event on the affected device for 'DynamicShellcode'. I understand that I can go to this device…

Hallo Zusammen, hat jemand von euch Erfahrung mit dem Einsatz von Sophos Endpoint und Proficash? diese Bankingsoftware ist bei aktiven Endpoint schutz sehr langsam. Wenn die Policy's im Endpoint alle deaktiviert werden ist die Software wieder schnell…

Hey there. I know this question has been asked a few years back, but i hope there is an update to this. I deployed Sophos CIXA on my PC and it started automatically deleting some of my trusted software i use as a network technician. The files…

I am the admin for quite a number of Hanwha camera servers. Several in particular are in a school system. Once our servers were installed, unknown to us, they deployed SOPHOS on the servers. Now we are seeing numerous crashes, lockups, packet losses and…

Good morning, We use Faronics Deep Freeze in our environment on shared-use PCs in classrooms and computer labs. We are experimenting with turning on data lake uploads to start using the threat analysis center, and the Deep Freeze detections are very…

Just as the subject asks: Can PSTools be excluded for a single machine (for Sophos admin)? if so, how can I create that exclusion so that it's not alerting every time I try to download and install it? I don't want to create a global exclusion because…

Open Powershell 7 Connect-IPPSSession -UserPrincipalName User@domain.com MS login processes starts by trying to open a browser window with a local host address and a random port. The connection is refused and the login process to MS stops localhost…

I want to exclude the following (example) from real-time scanning: This directory ( 26e9f183-6e80-4436-8461-a67d55c5e4b1) is randomized within the user's profile temp directory c:\Users\testuser\Temp\26e9f183-6e80-4436-8461-a67d55c5e4b1 These files…

Anybody else tried using the "$" variable to exclude a filename and not work?? Looking at the article: Exploit mitigation or ransomware wildcards and variables - Sophos Central Admin Is says this: VariableExample $ All available drives. For…

Hi, I have an application created using VMware ThinnApp. Something like a portable application. The last few days I have been getting the application blocked on HollowProcess. Unfortunately the application is quite important for me and I need to run…

One of our user has " Outbreak detected " report due to the following domain access. does this site really have any issue or this is an wrong detectection, as much as I can see it blocked image files only ? if no how sophos going to resolve it? https…

Hi, in our VoIP Client there is a ROP Detection. After searching, this is by Exploit detection engine. No I can set exclusions for a lot of things and I in all I checked, it is possible to make a comment like here: but for exploit mitigation…