Hi I would like to know about SoPhos process information. Please tell us in detail what function the two processes below perform. 1. SoPhosFilesScanner.exe 2. SSPService.exe

Could anyone let me know the main features which is available in Sophos intercept X, ( this is for presentation purpose, it would be great if anyone explains me briefly if you know) thanks in advance Have a great day ahead

We recently had a false positive from CryptoGuard and were unsure whether to exclude it via Detection ID or filename+filepath. What details actually make up a Detection ID? We installed two versions of the software and although the exe file that caused…

Cryptoguard bloqueando aplicação que o cliente já utilizava. Aplicação de confiança, mesmo marcando como confirmado e como resolvido o mesmo continua impedindo a aplicação.

My feeling is, Sophos does not know about the Intercept-X EAP forums. So I put this to focus here. Maybe one of the Sophos members can bring some light into this issue, it this is on Sophos' screen and will be fixed? https://community.sophos.com/intercept…

Good morning to all, we recently implemented Sophos Intercept X Advanced Server. One of our windows server 2012 r2 system has a problem where it can not communicate with Sophos Central. The installation went without a problem. After the reboot i get…

Hello I some instances we use Sophos intercept for servers. and it is quite compicated to manage access for Sophos agent to connect to sophos central. In Palo Alto Cortex XDR there is such thing as connetion Broker, that can be installed on prem and…

Hello Sophos-Team, as a feedback found that on Endpoint Protection the Settings, Events and Detections Text is all gone: Windows 11 with Current Patch (KB5014019) Best regards Val.

Since we've switched from SEP to Sophos. We've had many random issues with users connecting and receiving various connecting errors. I know that this is a Sophos issue because I removed Sophos from all of our Citrix VDAs and all problems go away. last…

Is the current Sophos Installer for mac OS on the Sophos Central backward compatible with macOS Big Sur 11.4? Our devices with macOS Monterey were installed without issues but when we tried using the same installer to our Macbook that's running on macOS…

Hi, seeing this today on several websites. One example: https://www.scc.kit.edu/ Website blocked Location: https://www.scc.kit.edu/ We've blocked access to this URL due to your policy. The certificate associated with this URL…

Hello, We have Sophos installed on a server and it's using a ton of memory. Almost using all of RAM. There is 24 GB of ram and it's using between 18-19. How do I stop it using so much memory? Also seems to be using a lot of CPU, but the memory is the…

Hi all, since last Update these services are missing in Sophos Central / Endpoint protection / Status / Services. Sophos Anti-Virus Sophos Clean Service Sophos Safestore Service Sophos Web Intelligence Filter Service Sophos Web Intelligence Service…

Hello there again, I've just noticed a realy strange behaivior while using the OnDemand Scanner (right-click -> Scan with Sophos) I wanted to scan a mounted Image which was taken as a backup from a different client. When i try to scan the whole mounted…

Well hello there, is there any way to trigger a FileScan from commandline with Intercept X? I know with the old endpoint protection you could use the sav32cli.exe, but i can't find this in the new intercep X agent. Hope some one can help. Greeting …

Im a bit confused about Controlled Updates and Test Computers. 1. Our intension was that Client Endpoints get their updates when they are released but only on a specific day. 2. Server Endpoints have a test group we update to latest version on a patchday…

Hello, since last week, for unknown reason our Sophos Endpoint delete all WMV files on computers. This is the event : Malware detected: 'W32/GetCodec-A' at 'XXX\Intro discours.wmv' Any idea why it's happen now?? I already created a ticket to…

Hello All Have a client that has a mix of full fat and thin clients, the full fat clients being W10 Pro are connecting into a RDS server. What am noticing is that one computer is randomly experiencing RDP dropouts. Initially thought it was the NIC and…

This article https://attack.mitre.org/techniques/T1003/001/ lists several mitigations against an LSASS memory credential dump attack, one of which is ASR (Attack Surface Reduction). The mitigation is described as Behavior Prevention on Endpoint and links…

Hello - Does anyone have a query they have used to see if Windows Update is running on an endpoint?

Hello All. So more and more cyber insurance questionnaires are asking for SIEM SOC and 24x7 monitoring. We have been using Sophos Advanced Intercept-X for years and have been relatively happy with it. We considered the XDR option but that means we need…

Could anyone let me know the main features which is available in Sophos intercept X, ( this is for presentation purpose, it would be great if anyone explains me briefly if you know) https://192168ll.link/ https://routerlogin.uno/ thanks in advance …

Hello, I am new to Sophos and System Administration in general. Over the weekend, I got several notifications that some of my servers had failed to update Sophos. Below are some error snippets I've identified from the installation log: %ProgramData…

Hallo zusammen, folgende Grundinformationen: HP 449G3 238 AiO System Windows 10 20H2 Intel Core i57500T 2,7GHz 8 GB RAM Sophos Core Agent 2.20.11 Sophos Endpoint Advanced 10.8.11.4 Sophos Intercept X 2.04.24 Wir haben unsere gesamten Rechner auf…

Hi, maybe somebody can help me to identify what's going on. I have one workstation with a official MS store app "Your Phone". Sophos detect a RISK 7 level on this command: "C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22012.160.0_x64__8wekyb3d8bbwe…