Allow for Threat Search results to be exported as excel and/or CSV for use in a pivot table.

Add the ability to filter out based on the device name or allow boolean operations for username and device name.

Cryptoguard has detected a false positive detection of a client "attacking" a server. Fortunately it is a false positive, but there's no option to exclude the thumbprint of the client attacking a server, so Cryptoguard always recognizes this as an attack. There should be an exclusion for a client false-positively "attacking" a server.

OCR (optical character recognition) Sensitive Image Recognition provides the capability to extract text from images (scanned documents, screenshots, pictures, and so on) and from PDFs, enabling you to use new or preexisting text-based detection rules on this content.

I sometimes have tens of thousands of indicators of attack and compromise to run through the threat search, but I can do only 100 at a time. Increase the object limit to 500 or allow the importing of CSV's.

Hi,

Please Provide the device Serial Number on the Dashboard, which really helps in the industry to Track the machine Immidelty.

Also Reporting should be Improved with Large Visibility with PIE Chart & Category radio lines

I want to identify the machines in my network where Sophos AV is not installed. But I do not have any reports to do this, Is it possible to fetch these Details.

On Sophos Endpoint policies, having the ability to decide on "Action to take"on all detection/issues.
When building software packages for deployment we receive numerous false positives.
Having the ability to respond to a detection to say "This is a safe file" would save many hours wasted adding exceptions and repackaging again. This is already an option for "Low reputation files downloaded".

Today we were investigating a system that had been getting taken over by remote control. Sophos said the system was clean and RDP wasn't being used so we were baffled. Eventually, we found that there was a copy of NeSupport Client which was digitally signed and had an original file name of client32.exe, but had been renamed to wupdsvc.exe. I think it would be a good idea for Sophos to flag files that are digitally signed, but not their original name, as suspicious when doing a scan.

Many of user can bypass company firewall via personal hotspot of GSM operator. If we can manage SSID and we may define whitelisted SSID will prevent that issue.
Could you please add SSID management under perhipal/device control as a new feature.

Hi to all,

when there is a communication problem between Endpoint and Central, the endpoint doesn't report any problem as long as you go under Status section.
In my company i had the case of a Windows 10 PC not showned under Central, but with no symptoms of malfunctiong from the Endpoint side,
This is a big problem, because i could have an endpoint infected with a malware without have an alert on Central.
From my point of view it's necessary to show an alert every X hours on the Endpoint that report this.
Thank you.

Provide a Sophos AV scanning engine with API access for Nextcloud Linux servers like Kaspersky did.

Kaspersky partner up with Nextcloud and provide a Kaspersky Scan Engine which communicates with an app via an API and scans every uploaded file.
https://nextcloud.com/blog/nextcloud-and-kaspersky-partner-up-to-protect-users-from-malicious-files/
https://www.kaspersky.com/about/press-releases/2020_kaspersky-and-nextcloud-partner-to-add-protection-to-content-collaboration-technology

add icon to end point in virtual server to scan 1 server only or 1 file not all virtual servers

1. support automation of adding block hashes into endpoint protection blocked items via custom feeds




2. alerts on the dashboard for detection of files that are in the blocked item list. currently there is no alerts on the dashboard. if one does not have a SIEM to do monitoring, then one must manually check each endpoint in the central to see who has detection due to the blocked item list.




3. option to automatically create case based on item 2.

1. support automation of adding block hashes into endpoint protection blocked items via custom feeds




2. alerts on the dashboard for detection of files that are in the blocked item list. currently there is no alerts on the dashboard. if one does not have a SIEM to do monitoring, then one must manually check each endpoint in the central to see who has detection due to the blocked item list.




3. option to automatically create case based on item 2.

this is testing

the current Mail App (Windows 1909) has no exe left to start So far it was blocked by SAC. Not anymore. So users can start it.
ICh used Sophos to block the unnecessary Windows 10 apps. This no longer works.
Sophos support asks for an exe - I (and no one else) can't provide it.
Sophos has to adapt / develop here and continue to block these apps as well.

Garmin Express is a desktop software that notifies you for the latest maps and software availability. You can download the GarminExpress in your PC (Windows or Mac) from the support website, and it will help you install the updated maps on your Garmin GPS.

Every customer has a different choice, and they need maps for other purposes such as cycling, driving, golf, or as a wearable. Luckily, we have the Garmin GPS, which lets us download the maps of our choice. Moreover, the process is so simple that even a non-techie can do it without even realizing it.
https://www.garmincom.express/