Endpoint Flag when Fixed Extended Package is in Use
Sophos Product Information
SESC for Windows
Version in Production: Any of the Fixed Extended Version
Feature Request Summary
How will this new feature address your business requirements?:
At the moment our Vulnerability Scanning system (Tenable’s Security Centre / Nessus) does not recognise that the Fixed Extended Versions of Sophos AV are still
supported and as such they are being listed as unsupported software. For example at the moment there is no way to determine if 10.7.6.2 is a product that hasn’t been upgraded for quite some time, or an actively supported (Fixed Extended) product.
At the moment if I go to Help -> About -> View Product Information I see the following information:
Endpoint security and control = 10.8
Support reference =
Current user rights = Sophos User
[Anti-virus and HIPS]
Sophos Anti-Virus 10.8.1.316
On-access status Enabled
Detection engine 3.72.1
Detection data 5.53
Virus data date 17/07/2018
Items detected 23145827
Detection identities 240
HIPS rules version 10.3.244.1
HIPS configuration version 188.8.131.52
Last updated 15/08/2018 10:56:25 AM
Could you create an additional field that states “Fixed Extended” is True or False, or even include the text “Fixed Extended” in one of the fields?
Once this is done we can then get Tenable to update their plugin to query for this information (hopefully it’s a simply a registry key or the contents of a
file), so that they can then accurately report on the product being supported or not.
I’m not sure if other vulnerability scanning tools have the same issue, but this is potentially something that could be used by other security tools to better
understand the installed Sophos product.
How would you rate the importance of this feature?; 1 = Critical, 5 = Nice-to-have: 3