• "Looping" through list in Live Query

    Kyle Parrish
    Kyle Parrish
    Good afternoon! I am working on a query where I would like to essentially perform a "For Each Loop" on the results. I am not sure what the SQL equivalent is. Can someone assist me and/or direct me to the proper syntax? Based on the following query…
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • Searching the contents of a file with Live Query

    Kyle Parrish
    Kyle Parrish
    Is it possible to search the contents of a file with Live Query? If so, can someone point me to the proper syntax?
    • Answered
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • How do you investigate "Safe Browsing detected browser Google Chrome has been compromised"

    Kyle Parrish
    Kyle Parrish
    Good day everyone! I am sure we have all seen a few of these pop up in our environments: "Safe Browsing detected browser Google Chrome has been compromised". My question is, what steps do you take to investigate this alert? There is a rather small…
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • hmpalertsvc has an unquoted service path with a space in it.

    Administrator User443
    Administrator User443
    I have two questions How do I quickly add quotes in the registry setting for hmpalertsvc entry to change it from this C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe to this “ C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe”? When will…
    • Answered
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • HP Wolf Security causing issue's

    Josh Turner
    Josh Turner
    Hi, I'd like to know if anyone else has experienced this yet. I've had 4 customers now with HP Machines that have had issues with there PC performing incredibly slowly (basically unusable), the issue seems to be this new HP Wolf Security Bloatware that…
    • Answered
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • How to auto deploy Sophos Server protection on AWS instances

    JornLutters
    JornLutters
    Disclaimer : This information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment. The instructions in this article describe a way to automatically…
    • over 3 years ago
    • Sophos Endpoint
    • Recommended Reads
  • Multiple Syncs of - AD Sync Utility

    skyisbluescreen
    skyisbluescreen
    We would need to setup atleast 10 Syncs or more per day. Why ? We are managing Peripheral Control via Sophos but the users are managed via AD; So we need frequent sync of this group. Any thoughts on How we can manage this ?
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • SEP Mac stops Sketch working?

    Chris Luthe
    Chris Luthe
    I just got around this morning to installing Intercept X on one of our web designers' MacBook Pro. Within a few minutes, she reported having issues with Sketch . The SophosCryptoGuardLegacy process would be pegged to 65+% CPU and Sketch would just hang…
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • macOS C2/Generic-A Detections

    rfrutiger
    rfrutiger
    Today I have been receiving detections for C2/Generic-A on my mac clients the offending process is /usr/libexec/trustd and it is reaching out to IP 104.18.21.226. This IP is owned by cloud flare and hosts alphassl.com so it seems to make sense that the…
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • Sophos Intercept X and DeepFreeze

    PharcydeWolf
    PharcydeWolf
    I work at a school where we deployed DeepFreeze to laptops that were given to students for the purpose of online classes. These were also provisioned with Sophos Intercept X to monitor and restrict web access which is really more important to us than…
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • Cannot start HitmanPro.Alert service on Intercept X

    mh3000
    mh3000
    Hello everyone, I have two Windows Servers that report the HitmanPro.Alert service as Stopped. Once I open windows services and try to manually start it I get this message: "Windows coul not start the HitmanPro.Alert service service on Local…
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • Migration from SEC to Central. Prepare remote update managers error

    Luc_GLLM
    Luc_GLLM
    Hi everyone, I'm migrating my clients from sophos enterprise console to sophos central. I have no problems migrating main office computers, I have problems with brench offices that have a Remote update manager. I'm following this guide which seems pretty…
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • VPN installation on Employee Personnel Mobiles

    Youcef Rahmouni
    Youcef Rahmouni
    Hi Community, Recently the some employees asked for vpn remote access from home to certain applications in our company data center via their personnel mobile phones, is their any solution to check the security of that device ( per ex: is their any…
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • Unmanaged devices tab

    Obaida Thunibat
    Obaida Thunibat
    Hello, I've noticed that a new tab has been added recently for 'Unmanaged devices' in computers and servers, but the page doesn't get anything and loading keeps on with no items were found.
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • Intercept X - Multiple Threat Cases for Singular Detection

    alars15
    alars15
    Does anyone else get 10+ threat cases created for a single detection? For example, Sophos picked up some phishing from Outlook and generated 10+ threat cases: I don't think the user would try 10 times to open this email attachment. Anyone have…
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • Intercept X on MacOS Big Sur - possible GUI issue in "system preferences" and "privacy"

    syinf
    syinf
    Hey guys, we recently ran into an issue on MacOS Big Sur and within "system preferences" --> "Security & Privacy" --> "Privacy" --> "Files & Folders", possibly related to the presence of Intercept X for MacOS, as we don't see that strange behaviour…
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • Issue : Download of WindowsCloudNextGen failed from server http:∕∕dci.sophosupd.com.

    skyisbluescreen
    skyisbluescreen
    ALL ENDPOINTS : Download of WindowsCloudNextGen failed from server http:∕∕dci.sophosupd.com. ALL CACHE Servers : Failed to download
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • Endpoint stopped recieving updates after trial expiration

    Motaz SOUID
    Motaz SOUID
    Hello, we have the license for Intercept X advanced which 600+ users are using, a month ago a started the trial for the Intercept X advanced with EDR on the same central account, all the machines switched to the trial license, now that the trial ended…
    • Answered
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • How often do servers/endpoints upload to the data lake?

    an_enterprise_user
    an_enterprise_user
    There appears to be a delay between when an event happens on a server or endpoint and when I can run a live discover query on that data in the data lake. How long does it take for the Sophos agent to synchronize or upload it's data to the data lake?
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • help with live discovery query - Readable free hdd / Partition space

    Diego Tavolari
    Diego Tavolari
    Hi everybody, I know that Live Discovery is more for threat hunting, but I've seen some really interesting queries out there. One thing I would like to be able to do is get as an output the free disk / partition space for windows machines. I've seen…
    • Answered
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • User Policy - logged on vs Run As user

    alfie-t
    alfie-t
    Hi, if i have an application control policy to block an application, but then add a policy to allow it for a superuser can that application then be run while logged in as a normal user, but with the application being launched using Run As to run as the…
    • Answered
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • System requirements for Live Response

    intrusus
    intrusus
    Hi, is there a KB / Documentation entry for the supported OS / system requirements for Live Response? Didn't find anything or is it working on all kind of OS we can install Intercept X? Cheers
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • Ich sehe bei den vielen Sophos Endpoint Produkten nicht mehr durch, kann mir das jemand erklären?

    Robert Müller
    Robert Müller
    Hallo Leute, ich habe mal eine Frage zu den Sophos Endpoint Produkten. Wir nutzen in der Firma Sophos Central dort gibt es im Punkt Endpoints die Unterscheidung zwischen Clients und Servern. Was ist jedoch nicht verstehe ist folgendes: Bei den Servern…
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • Problems with Wirelees Projection

    Hansi Martinez
    Hansi Martinez
    Hello good morning, I have a problem with my computers when trying to project on a wireless screen, my computers have Sophos Intercept, Sophos mobile used this for the remote erase issue, and they go to the internet through the XG-230. If I connect a…
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • Intercept X on Win Server 16 - Failed to update. How to re-try?

    Sophos User4013
    Sophos User4013
    Got a Medium Alert that one of my servers is out of compliance. Checked the endpoint and it says that Malicious Traffic Detection and Sophos Antivirus failed to install. There doesn't seem to be a way to tell it to try again. I've attached the most recent…
    • over 3 years ago
    • Sophos Endpoint
    • Discussions
  • View related content from anywhere
  • More
  • Cancel
<>