• Intercept X advanced With EDR query for a keylogger

    Youcef Rahmouni
    Youcef Rahmouni
    Hi , I have a keylogger written in python listening and sending a file containing the keys pressed by the user to an email every time the user press esc. i want to detect it using Sophos edr by a query that look to a process sending a file periodically…
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • Get Security Certificate error after installing Central Intercept X Advance

    Awais Nisar
    Awais Nisar
    Hi, We are facing below error connecting outlook client once Sophos is updated on user machine. Can any one help me out in this. Regards, Awais Nisar
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • Mac OS 12 Monterey

    Philipp Marx
    Philipp Marx
    Hello, just to be sure because the new MacOS Monterey will be released this year, is there a roadmap that Sophos will be compatible with the coming OS (in time)? Will be a EAP available for the MSP Partners ? Thanks and Regards Phil
    • Answered
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • Heartbeat Stops Reporting Knocking PC Off Network

    SophosNewby
    SophosNewby
    Good morning all, I am beginning to have a serious issue with our PC's since moving over to Sophos Intercept X Advanced. I am beginning to have PC's stop sending their Heartbeat, Sophos Central shows the PC as no longer sending a heartbeat and I believe…
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • Force message relay after migrating from SEC to Central

    Luc_GLLM
    Luc_GLLM
    Hi to all, I have a problem after migrating a client from SEC to Central, the problem is that the client as a message relay stays connected to the old SUM and fails to communicate with the Central Dashboard. Even if I uninstall and reinstall it it remains…
    • Answered
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • Intercept X detecting application on the allowed list

    Denham
    Denham
    I am trying to allow a application to run on my system. I have added the path to the application to the Allowed Applications section under Global Settings. And I have updated the client. The application is still detected and blocked by the client…
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • Client doesn`t appear in Central Admin

    Jonas Wirth
    Jonas Wirth
    Hello, We have a client that does not appear as managed computer in Central Admin but has Sophos installed. The Client is still in the "unmanaged devices" group. All services are up and the client can get updates. I remember that we have to re-register…
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • "Looping" through list in Live Query

    Kyle Parrish
    Kyle Parrish
    Good afternoon! I am working on a query where I would like to essentially perform a "For Each Loop" on the results. I am not sure what the SQL equivalent is. Can someone assist me and/or direct me to the proper syntax? Based on the following query…
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • Searching the contents of a file with Live Query

    Kyle Parrish
    Kyle Parrish
    Is it possible to search the contents of a file with Live Query? If so, can someone point me to the proper syntax?
    • Answered
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • How do you investigate "Safe Browsing detected browser Google Chrome has been compromised"

    Kyle Parrish
    Kyle Parrish
    Good day everyone! I am sure we have all seen a few of these pop up in our environments: "Safe Browsing detected browser Google Chrome has been compromised". My question is, what steps do you take to investigate this alert? There is a rather small…
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • hmpalertsvc has an unquoted service path with a space in it.

    Administrator User443
    Administrator User443
    I have two questions How do I quickly add quotes in the registry setting for hmpalertsvc entry to change it from this C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe to this “ C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe”? When will…
    • Answered
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • HP Wolf Security causing issue's

    Josh Turner
    Josh Turner
    Hi, I'd like to know if anyone else has experienced this yet. I've had 4 customers now with HP Machines that have had issues with there PC performing incredibly slowly (basically unusable), the issue seems to be this new HP Wolf Security Bloatware that…
    • Answered
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • Multiple Syncs of - AD Sync Utility

    skyisbluescreen
    skyisbluescreen
    We would need to setup atleast 10 Syncs or more per day. Why ? We are managing Peripheral Control via Sophos but the users are managed via AD; So we need frequent sync of this group. Any thoughts on How we can manage this ?
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • SEP Mac stops Sketch working?

    Chris Luthe
    Chris Luthe
    I just got around this morning to installing Intercept X on one of our web designers' MacBook Pro. Within a few minutes, she reported having issues with Sketch . The SophosCryptoGuardLegacy process would be pegged to 65+% CPU and Sketch would just hang…
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • macOS C2/Generic-A Detections

    rfrutiger
    rfrutiger
    Today I have been receiving detections for C2/Generic-A on my mac clients the offending process is /usr/libexec/trustd and it is reaching out to IP 104.18.21.226. This IP is owned by cloud flare and hosts alphassl.com so it seems to make sense that the…
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • Sophos Intercept X and DeepFreeze

    PharcydeWolf
    PharcydeWolf
    I work at a school where we deployed DeepFreeze to laptops that were given to students for the purpose of online classes. These were also provisioned with Sophos Intercept X to monitor and restrict web access which is really more important to us than…
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • Cannot start HitmanPro.Alert service on Intercept X

    mh3000
    mh3000
    Hello everyone, I have two Windows Servers that report the HitmanPro.Alert service as Stopped. Once I open windows services and try to manually start it I get this message: "Windows coul not start the HitmanPro.Alert service service on Local…
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • Migration from SEC to Central. Prepare remote update managers error

    Luc_GLLM
    Luc_GLLM
    Hi everyone, I'm migrating my clients from sophos enterprise console to sophos central. I have no problems migrating main office computers, I have problems with brench offices that have a Remote update manager. I'm following this guide which seems pretty…
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • VPN installation on Employee Personnel Mobiles

    Youcef Rahmouni
    Youcef Rahmouni
    Hi Community, Recently the some employees asked for vpn remote access from home to certain applications in our company data center via their personnel mobile phones, is their any solution to check the security of that device ( per ex: is their any…
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • Unmanaged devices tab

    Obaida Thunibat
    Obaida Thunibat
    Hello, I've noticed that a new tab has been added recently for 'Unmanaged devices' in computers and servers, but the page doesn't get anything and loading keeps on with no items were found.
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • Intercept X - Multiple Threat Cases for Singular Detection

    alars15
    alars15
    Does anyone else get 10+ threat cases created for a single detection? For example, Sophos picked up some phishing from Outlook and generated 10+ threat cases: I don't think the user would try 10 times to open this email attachment. Anyone have…
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • Intercept X on MacOS Big Sur - possible GUI issue in "system preferences" and "privacy"

    syinf
    syinf
    Hey guys, we recently ran into an issue on MacOS Big Sur and within "system preferences" --> "Security & Privacy" --> "Privacy" --> "Files & Folders", possibly related to the presence of Intercept X for MacOS, as we don't see that strange behaviour…
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • Issue : Download of WindowsCloudNextGen failed from server http:∕∕dci.sophosupd.com.

    skyisbluescreen
    skyisbluescreen
    ALL ENDPOINTS : Download of WindowsCloudNextGen failed from server http:∕∕dci.sophosupd.com. ALL CACHE Servers : Failed to download
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • Endpoint stopped recieving updates after trial expiration

    Motaz SOUID
    Motaz SOUID
    Hello, we have the license for Intercept X advanced which 600+ users are using, a month ago a started the trial for the Intercept X advanced with EDR on the same central account, all the machines switched to the trial license, now that the trial ended…
    • Answered
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • How often do servers/endpoints upload to the data lake?

    an_enterprise_user
    an_enterprise_user
    There appears to be a delay between when an event happens on a server or endpoint and when I can run a live discover query on that data in the data lake. How long does it take for the Sophos agent to synchronize or upload it's data to the data lake?
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • View related content throughout Sophos Endpoint
  • More
  • Cancel
<>