As residents of Saudi Arabia, SAMA provides us with YARA rules for threat detection. How can we effectively create and implement our own query within Sophos Central to scan for these YARA rules? What are the best practices and challenges associated…

Hello We are looking for a suitable Sophos product for our usecase. Have gone through the documentation, however would like to confirm below: Usecase: a. System is RHEL7.9 and RHEL9 b. Looking for an on demand scan capability to scan files/folder…

Starting today around noon (Pacific time) we stopped being able to setup new workstations in Sophos Central. The logs (on multiple machines) show this: 2024-08-19T22:39:44.0627204Z INFO : Opening connection to mcs2-cloudstation-us-west-2.prod.hydra…

Recently, I've noticed a troubling increase in false positives from Sophos Central that are impacting our workflow significantly. Legitimate files and applications are being flagged as threats, causing unnecessary disruptions and delays. This issue seems…

I’m facing issues where Sophos is not triggering alerts for certain security events that I believe should be flagged. Despite having the correct alert settings configured and running routine scans, some critical threats or suspicious activities are not…

Your published downtime is stated to begin at Saturday 1:00am UTC, which is Friday, 8pm CST, it's 10AM on Friday and Sophos Central is offline.

Hello community, How can I decontrol a specified category for a user or user group ? Best regards, Thomas

Hi! I just found a bug in the Sophos Central dashboard and could not find it in the known issues list. Here's how to replicate the issue: 1. Create an exclusion of the type "Exploit mitigation", choose an application and deactivate at least one of…

Buenos dias Tengo una duda sobre como hacer la integracion de un fortigate con sophos central, he leido la documentacion una y otra ves pero no me queda claro como es la configuracion de la maquina virtual a la que se hace referencia en el paso a paso…

We need a way to either: 1. Be able to search for a computer across multiple accounts within N-Central. 2. Or have Sophos Agent show an account identifier number so we can cross reference and find out which agent was installed on the computer. …

Hi guys, I have been receiving this alert in my email for a few days now. I checked the logs and in Sophos Central, the synchronization is completed successfully, but the alert still appears. Does anyone have any idea what procedures to follow to resolve…

Hi, The Link to the Sophos AD Sync Installer does not work anymore.

Hi there, I followed documentation to install SPL on a Linux server that does not have internet access. We have a Windows server acting as update cache / message relay. This is confirmed to work for other (Windows) machines. However the installation…

Dear Support, We have issue to login in central Sophos, Verification Code via email is deplayed. Could you please help ? Regards, Diamondra

Hello Sophos Team, I was wondering if our license is automatically renewed or manual (buy new license code). As the picture shows the expiration date is Sep 4/2024, what would happen then? Thanks in advance.

Recently, we got an alert that was caused by a company we work with doing a Disaster Recovery test. This caused a duplicate record of one of our servers. We have prevented the backed-up systems from communicating out to Sophos to prevent future de-duplication…

We have a situation that's causing some annoyance with both our IT Engineers and our Information Governance staff, and its all to do with the DLP alerts to Admins when a user may be breaking our policies. I've looked at the Custom Rules for Admin email…

Hello, I have to migrate all my APs on Sophos Central. I have many different models (~60). Most of them are APX320, but i also have AP55C & AP15C. I would like to know if AP55C and AP15C are compatible with Sophos Central ? I tried to migrate…

Hi everyone, After the Crowdstrike update issues last week, we're conscious that a similar faulty update with Sophos could impact us as well, given all endpoint security software naturally needs kernel-level access to do its job. We're now looking…

Hello all, I have a problem login on to Sophos Central. My username and password is accepted, and so is the email received code and my pin. On the next screen I'm asked to verify my device, presenting a QR code asking me to scan the QR code and enter…

Our company Ace Money Transfer is using Wazuh as a SIEM and a sophos firewall. We want to send wazuh logs to sophos for it's XDR capabilities. Right now, i am trying the free trial to see if there'a a way to integrate wazuh and send logs to Sophos.

Is there a way to get latest version for Sophos Core Agent trough Early Access Program ? In Early Access Programs page I couldn't find Core Agent EAP. The closes I could find was New Endpoint Protection Features . I have subscribed for New Endpoint…

Hi, Is it possible to edit the base policies, so that we don't have to change a policy manually every time we create a new Customer? Using a Global template forces us to manually go into the settings to add the new customer to the template, so…

This is the most useless message. Where in Central can you view what specific applications are in quarantine? On the rare occasions where it does actually list the file as an alert, you can't even issue an instruction via Central to remove the offending…