Hello, We have a Sophos Central account with about 150 computers and 25 servers. XDR is used. The licences have currently been active for about 8 days, but no detections have been displayed so far. Could it be that nothing has been detected so far and…

I want to make a report of detection from sophos central, but there is no such a button to export those kind of data. I need 'detection rule', 'date', 'category', 'severity' contents in this report. Someone know how to make this kind of report…

Hi, we use Sophos on MAC's and i have some questions........ * We have a group calles MACs. When we install Sophos on a MAC is it possible to auto assign to this group? * Is it possible to create scopes? E.g. that our MAC admin only can administrate…

Hi all, i've got a false-positive outbreak detected on one fileserver. There're around 100 Items in Quarantine - alerts spread over 6 pages in Events-Section in central. i went through that list multiple times but was able to release 95 elements from…

Can we add CIXA for 20 user license and Cixa xdr for 30 user in one Sophos central portal

And even with 6 or 7 new starts the device still shows the wrong user in central. When I look up the correct user it shows 0 devices in the management studio. The user is local user in windows is logged into their Microsoft account and is synced with…

Big thanks for the answers to my queries in the suitable product for scanning files, folders on RHEL with no internet connectivity - Discussions - Sophos Central - Sophos Community ticket. I have two follow up questions and I prefer to ask in a separate…

Hi! I just found a bug in the Sophos Central dashboard and could not find it in the known issues list. Here's how to replicate the issue: 1. Create an exclusion of the type "Exploit mitigation", choose an application and deactivate at least one of…

As residents of Saudi Arabia, SAMA provides us with YARA rules for threat detection. How can we effectively create and implement our own query within Sophos Central to scan for these YARA rules? What are the best practices and challenges associated…

Hello We are looking for a suitable Sophos product for our usecase. Have gone through the documentation, however would like to confirm below: Usecase: a. System is RHEL7.9 and RHEL9 b. Looking for an on demand scan capability to scan files/folder…

Recently, I've noticed a troubling increase in false positives from Sophos Central that are impacting our workflow significantly. Legitimate files and applications are being flagged as threats, causing unnecessary disruptions and delays. This issue seems…

Hi there, I followed documentation to install SPL on a Linux server that does not have internet access. We have a Windows server acting as update cache / message relay. This is confirmed to work for other (Windows) machines. However the installation…

Is there a way to get latest version for Sophos Core Agent trough Early Access Program ? In Early Access Programs page I couldn't find Core Agent EAP. The closes I could find was New Endpoint Protection Features . I have subscribed for New Endpoint…

Bonjour Est il possible de purger ou diminuer la taille des logs dans C:\ProgramData\Sophosi\Endioint Defense\Date\Event Journals Mais pour un seul serveur Quel est l'impact sur la sécurité de ce serveur ? Cordialement

Recently, we got an alert that was caused by a company we work with doing a Disaster Recovery test. This caused a duplicate record of one of our servers. We have prevented the backed-up systems from communicating out to Sophos to prevent future de-duplication…

Hi, Is it possible to edit the base policies, so that we don't have to change a policy manually every time we create a new Customer? Using a Global template forces us to manually go into the settings to add the new customer to the template, so…

Hello, we have a problem with the feature “Protect network traffic”. We are using a terminal server, on which employees work with a program that uses EWS to send mails. We now have the problem that Sophos blocks the automatic login process via the…

Hello there, I am trying to block TLDs in Sophos Central using Website Management—Add Website Customisation, and instead of putting many domains with a malicious top domain, I would like to be able to block this particular domain. What should I…

Dears, We are facing a problem finding some users and their computers in SHOPOS portal under computers or under "Restore deleted devices and recover Tamper Protection passwords" even though SHOPOS endpoint is installed in those devices.

Greetings all IPS service is not starting on an A computer which you can see on this snapshot bellow, how to overcome this error message.

Hello, We work with a Sophos Central Web Policy in general the download of .exe files is not allowed. Is it possible to exclude certain files/programs from this policy so that they can be downloaded? Thank You!

Where can I find documentation on the exit codes used by the avscanner component of Sophos SPL? I want to run the scanner as part of a build pipeline and fail it if there is a detection. I have only been able to run it on clean files and I can see it…

As the title states, this is somewhat concerning this hasn't been rolled out yet but there doesn't appear to be any sub category for AI/GPT usage in web control policy. AI usage is becoming increasingly prevalent for businesses, while also becoming increasingly…

Hello Everyone Can i allow an application using the sha256 in Sophos central, is it possible, client using intercept x with XDR. Can you please help?

Hello everyone, I have a question about the creation of threat exceptions. Suppose I have the following message in the centre. How can I set an exception there so that it can be ignored? Can anyone give me a tip? Thank you very much!