Several computers have the alert 'Memory_1b (mem/xworm-a)'. It says Manual malware cleanup required: 'Memory_1b (mem/xworm-a)' at 'c:\Program Files\Sophos\Sophos UI\Sophos UI.exe'.
The following are the details of the alerts.
Detection type: Behavioral…
Hi
When I enable "Prevent malicious network traffic with packet inspection (IPS)", Microsoft Global Access stops working (Microsoft ZTNA).
Does anyone know why?
Shay
I wanted to test GIMP 3.0 RC1 but Sophos always blocks the start
It then shows: averted harmful behaviour 'Lockdown'
Gimp installer link: download.gimp.org/.../gimp-3.0.0-RC1-setup.exe
Would like to understand when manual cleanup is needed via API events/alerts alone.
This field in API events/alerts I am not clear on:
Event::Endpoint::CorePuaClean 'result'
API RESULT UNDERSTOOD:
{"items":[{"descriptor":"C:\\Users\\SOMEUSERNAME…
Hi,
I am considering replacing existing Endpoint Security products (Webroot, ESET and Panda) with Sophos Intercept X on a dozen customers. They all run a Windows AD environment; most of the clients are desktops in a local domain. Is there any reliable automation…
Hi all,
How can I check the version of Sophos Intercept X installed on the devices?
E.g. how can I check this information. The device tab just tells me if they are up to date, but not the actual version
Core Agent: 2024.2.4.1.0
Sophos Intercept…
Hey,
I've been trying to grant Sophos Endpoint Protection full disk access via a configuration profile in multiple ways.
I tried:
Using the profiles provided by Sophos,
Creating my own profiles using an older tutorial from Sophos ( Sophos Community…
Does anyone know why some browsers can access ChatGPT, but others cannot after a web control policy prohibiting access to it has been created?
We do make use of Google Chrome and Microsoft Edge. Google Chrome does not ban the ChatGPT website, however…
Hi team,
The customer has purchased Sophos XDR for 400 terminal PC users, but all the terminal PCs cannot access the Internet. Based on this situation, how can the user computers use the endpoint protection function, how to deploy the agent, and use…
Hiya,
I am weirdly experiencing major hits to performance on a variety of high-end Windows Surface devices following the 24H2 feature update. I initially felt as if it was Windows itself doing this but, upon testing, it seems to disappear when removing…
Hi,
We are getting the below error. I have added the Sophos certificate to the trusted certificates of Windows but no luck.
Also, I have followed the Sophos KB article; again, same problem. If I remove the endpoint from that machine, the error is not showing.
Hi all,
I'm looking for instructions on how to install Sophos Intercept X with Citrix PVS services.
The instructions I've already found all want to disable certain Sophos services to delete the machine_id file, and that's where the problem comes in…
Hello everyone,
I have configured DLP policies for one of our clients, they work as expected.
There is just one remark our client gave us: Sometimes if a user does the same action repeatedly, generating alerts every time he does that action, that…
We have a 4 core VM with Linux SPL Agent 2024.2.1.2
4 regular processes run and each run intended at 100% - usually. Currently Sophos osquery.4 is consuming 1 core at 100% so the other 4 processes run at about 75% only, slowing down calculations of…
I have been using Sophos EndPoint for about 3 years and using ChatGPT for about a year. Everything has been working fine until about 4 to 6 weeks ago when all of a sudden staff in our office cannot upload files to ChatGPT. I wasn't sure what it was…
Hi
After installing the Sophos agent, the agent is not communicating with Central.
I put the password in the agent; after that I cannot select the 4 hours disabled protections.
When I disable the tamper protection, but the agent is not communicating…
Hello, A customer of ours had an old MacBook and transferred it, via Apple's migration assistant, to a new MacBook. Now today I wanted to install Sophos Intercept X Essentials but the installer indicated that the product was already installed. However…
Hi Community,
I would like to be able to query the Sophos Sub-Estates db with SQL. I read that there is Live Discover service for queries, but I wonder if it can be purchased with a separate license. Otherwise, I would like to know a way to connect…
I have identified a problem with Sophos Encryption, and I need to do a validation before bringing it up with Support as an issue. I can run a PowerShell command (as seen below) to find the encryption status; however, it doesn't tell me that it was Sophos…
Hello,
I am looking for help with deploying Sophos Endpoint to macOS via Intune. Specifically, I would like help configuring the configuration profile to set the permissions for:
Full Disk Access
system extensions
notifications
You have…
Hi Sophos,
I can't get the Application Control policy to block Proxy / VPN Tools.
I've tried to edit the Base Policy as well as create a new policy and neither seems to work. See the attached image. I have tried selecting all VPN / Proxy Tool objects…