• Memory_1b (mem/xworm-a) Detected. Any Idea what might be the cause?

    Jimmy Mabedi
    Jimmy Mabedi
    Several computers have the alert 'Memory_1b (mem/xworm-a)'. It Says Manual malware cleanup required: 'Memory_1b (mem/xworm-a)' at 'c:\Program Files\Sophos\Sophos UI\Sophos UI.exe'. The following are the details of the alerts. Detection type: Behavioral…
    • Answered
    • 30 days ago
    • Sophos Endpoint
    • Discussions
  • low reputation app

    tan79
    tan79
    Hello, I already sent the sample file several times, but never get any feedback. my app remains low reputation. Please check this case. Thank you.
    • 1 month ago
    • Sophos Endpoint
    • Discussions
  • Prevent malicious network traffic with packet inspection (IPS) with Microsoft Global Acces

    Shay Hanya
    Shay Hanya
    Hi When I enable the "Prevent malicious network traffic with packet inspection (IPS)", the Microsoft Global Acces stop working (microsoft ztna). Anyone knows why? Shay
    • 1 month ago
    • Sophos Endpoint
    • Discussions
  • Sophos Endpoint Agent blocks GIMP 3.0 RC1

    Noneof Yourbusiness
    Noneof Yourbusiness
    I wanted to test GIMP 3.0 RC1 but Sophos always blocks the start It then shows: averted harmful behaviour 'Lockdown' Gimp installer link: download.gimp.org/.../gimp-3.0.0-RC1-setup.exe
    • 1 month ago
    • Sophos Endpoint
    • Discussions
  • intercept X Adv Agent does support or not

    Pradeep M
    Pradeep M
    Dear Team, Could you please help clarify whether the Sophos Intercept X Advanced agent supports Windows 7 and Windows Server 2012?
    • Answered
    • 1 month ago
    • Sophos Endpoint
    • Discussions
  • How to interpret Event::Endpoint::CorePuaClean - manual cleanup needed or not?

    Robert_Smith
    Robert_Smith
    would like to understand when manual cleanup is needed via API events/alerts alone this field in API events/alerts I am not clear on: Event::Endpoint::CorePuaClean 'result' API RESULT UNDERSTOOD: {"items":[{"descriptor":"C:\\Users\\SOMEUSERNAME…
    • 1 month ago
    • Sophos Endpoint
    • Discussions
  • Deploy Intercept X and get rid of other endpoint solutions in AD domain

    Andrej Pirman
    Andrej Pirman
    Hi, I am considering to replace existing Endpoint Security products (Webroot, ESET and Panda) with Sophos Intercept X on a dozen of customers. They all run Windows AD environment, most of clients are desktops in local domain. Is there any reliable automtion…
    • Answered
    • 1 month ago
    • Sophos Endpoint
    • Discussions
  • Sophos Intercept X Version

    DavidGorman
    DavidGorman
    Hi all, How can I check the version of Sophos Intercept X installed on the devices? E.g. how can I check this information. The device tab just tells me if they are up to date, but not the actual version Core Agent: 2024.2.4.1.0 Sophos Intercept…
    • 1 month ago
    • Sophos Endpoint
    • Discussions
  • Sophos Endpoint Protection no Full Disk Access even after deploying configuration profiles

    IT MEAP
    IT MEAP
    Hey, I've been trying to grant Sophos Endpoint Protection full disk access via a configuration profile in multiple ways. I tried: Using the profiles provided by Sophos, Creating my own profiles using an older tutorial from Sophos ( Sophos Community…
    • 1 month ago
    • Sophos Endpoint
    • Discussions
  • Web Control Policy works in Edge not in Chrome

    Damian Kowalik
    Damian Kowalik
    Does anyone know why some browsers can access ChatGPT, but others cannot after a web control policy prohibiting access to it has been created? We do make use of Google Chrome and Microsoft Edge. Google Chrome does not ban the ChatGPT website, however…
    • 1 month ago
    • Sophos Endpoint
    • Discussions
  • SURF- SELF HELP TOOL

    Ahmed Khalil Abidi
    Ahmed Khalil Abidi
    The SURF tool is still available to download or use for partners?
    • Answered
    • 1 month ago
    • Sophos Endpoint
    • Discussions
  • How to deploy Sophos XDR endpoint protection and antivirus in offline environments?

    Hongbo Xia
    Hongbo Xia
    Hi team, The customer has purchased Sophos XDR for 400 terminal PC users, but all the terminal PCs cannot access the Internet. Based on this situation, how can the user computers use the endpoint protection function, how to deploy the agent, and use…
    • Answered
    • 1 month ago
    • Sophos Endpoint
    • Discussions
  • Sophos endpoint performance issues with 24H2

    Joe Amer
    Joe Amer
    Hiya, I am weirdly experiencing major hits to performance on a veriety of high end Windows surface devices following the 24H2 feauture update. I initially felt as if it was windows itself doing this but, upon testing, it seems to disappear when removing…
    • 2 months ago
    • Sophos Endpoint
    • Discussions
  • Sophos certificate error || 0365 error

    SatyabrataB
    SatyabrataB
    Hi, we are getting below error i have added Sophos certificate to the trusted certificate of windows but no luck also i have followed sophos KB article again same problem.if i removed endpoint from that machine error is not showing.
    • 2 months ago
    • Sophos Endpoint
    • Discussions
  • Sophos Central Server Protection and Citrix PVS Image

    Sebastian Pilz1
    Sebastian Pilz1
    Hi all, I'm looking for instructions on how to install Sophos Intercept X with Citrix PVS services. The instructions I've already found all want to disable certain Sophos services to delete the machine_id file, and that's where the problem comes in…
    • 2 months ago
    • Sophos Endpoint
    • Discussions
  • Data Loss Prevention Policies - How to configure alerts to not generate a new alert for the same event in specified amount of time

    Ugo Marzola
    Ugo Marzola
    Hello everyone, I have configured DLP policies for one of our clients, they work as expected. There is just one remark our client gave us : Sometimes if a user does the same action repeateadly, generating alerts every time he does that action, that…
    • Answered
    • 2 months ago
    • Sophos Endpoint
    • Discussions
  • Ubuntu Linux Server high CPU for hours osqueryd.4 at 100%

    LHerzog
    LHerzog
    We have a 4 core VM with Linux SPL Agent 2024.2.1.2 4 regular processes run and each run intended at 100% - usually. Currently Sophos osquery.4 is consuming 1 core at 100% so the other 4 processes run at about 75% only, slowing down calculations of…
    • 2 months ago
    • Sophos Endpoint
    • Discussions
  • ChatGPT file uploading does not work due to Sophos EndPoint

    Rafael Telles
    Rafael Telles
    I have been using Sophos EndPoint for about 3 years and using ChatGPT for about a year. Everything has been working fine until about 4 to 6 weeks ago when all of the sudden staff in our office cannot upload files to ChatGPT. I wasn't sure what is was…
    • 2 months ago
    • Sophos Endpoint
    • Discussions
  • sophos agent is not updated

    Shay Hanya
    Shay Hanya
    Hi After installing Sophos agent, the agent is not communicating with central. I put the password in the agent, after that I can not select the 4 hours disabled protections. When I disable the temper protection, but the agent is not communicating…
    • 2 months ago
    • Sophos Endpoint
    • Discussions
  • Remove Intercept X Essentials completely on macOS

    Rob Coenen
    Rob Coenen
    Hello, A customer of ours had an old MacBook and transferred it, via Apple's migration assistant, to a new MacBook. Now today I wanted to install Sophos Intercept X Essentials but the installer indicated that the product was already installed. However…
    • 2 months ago
    • Sophos Endpoint
    • Discussions
  • Is Sophos CPU history recorded in Data Lake?

    PK1
    PK1
    Is Sophos CPU history recorded in Data Lake?
    • 2 months ago
    • Sophos Endpoint
    • Discussions
  • How query 35 Sub-Estates from Sophos Central Intercept X Advanced

    volpedan
    volpedan
    Hi Community, I would like to be able to query the Sophos Sub-Estates db with SQL. I read that there is Live Discover service for queries, but I wonder if it can be purchased with a separate license. Otherwise, I would like to know a way to connect…
    • 2 months ago
    • Sophos Endpoint
    • Discussions
  • Need command to identify BitLocker is managed by Sophos Encryption on the PC itself

    ArtL
    ArtL
    I have identified a problem with Sophos Encryption, and I need to do a validation before bringing it up with Support as an issue. I can run a powershell command (as seen below) to find the encryption status however it doesn't tell me that it was Sophos…
    • 2 months ago
    • Sophos Endpoint
    • Discussions
  • MacOS Agent Deployment via Intune - Allowing System Extensions

    Jason Bristow
    Jason Bristow
    Hello, I am looking for help with deploying Sophos Endpoint to MacOS via Intune. Specifically, I would like help configuring the configuration profile to set the permissions for: Full Disk Access system extensions notifications You have…
    • 2 months ago
    • Sophos Endpoint
    • Discussions
  • Application Control Policy Not Working

    ptho
    ptho
    Hi Sophos, I can't get the Application Control policy to block Proxy / VPN Tools. I've tried to edit the Base Policy as well as create a new policy and neither seem to work. See the attached image. I have tried selecting all VPN / Proxt Tool objects…
    • Answered
    • 2 months ago
    • Sophos Endpoint
    • Discussions
  • View related content from anywhere
  • More
  • Cancel
>