we require Sophos Endpoint report for below components.

Core Agent Endpoint Adavance Sophos Intercept X

We have raised the ticket for same.
Sophos Support Case 03368270

Possibilitar ao cliente liberar ou não a execução de aplicações a partir de dispositivos de armazenamento móveis, mesmo que o usuário tenha permissão para acesso a dispositivos de armazenamento móvel.

We are looking for Application-Based Admin Access features (Enable/Disable) on end-users machine so that Centralized Control can be implemented while providing the admin rights or Application base admin Privilege to end-users System.

Built-In Feature of Sophos XDR can be useful

On the Sophos Endpoint Protection, there should be a way to customize the progress indicator bar. Currently, when a scan is initiated and running, all you see from a end user's desktop is the green progress indicator bar.

I need to report on the number of workstation, laptops and servers using Sophos licences which I can't as I can't separate laptops from fixed computers.
I would also need to run a report and ensure that all laptops have the device encryption enabled (where it is less critical if not enabled on a fixed workstation) and this is also something which you can't do because you can't find out about specific device category like 'laptop'.

Can the destination URL that the user is uploading files to please be included on the DLP logging. This would help us in getting better information for users uploading files to websites.

Currently we have to use a 3rd party tool to check the URLs.

A Sophos competitor has recently released a new feature into their Security platform. They are calling it "Advanced Deception Technology". It essentially deploys a variety of different honeypots throughout your network and automatically reports on them when any of them are accessed. There are MANY companies that don't have the know-how, time, or money to implement these sorts of proactive measures. I would love to see this as an additional feature that could be integrated into the Sophos Central platform as part of the EDR solution.

I have two clients that are upset with this restriction. As am I. it is not Sophos' job to control the size of messages. Microsoft 365 has an upper limit of 150 MB, your services should be matching that, or remove the limit altogether.

endpoint software does scan the registry for potential malware.

But I hope to add a registry function,

Allow users to block applications that are not allowed to be installed through the registry.

We use Sophos on about 100 linux systems for protection. For installation we use a script and that is working well. Because we want to automate the installation of the linux systems further we use Saltstack. By installing Sophos-agent with Saltstack we get errors(service request 03218428). So can Sophos make an installation that works under saltstack.

We use SharePoint for collaboration,and do not want alerts popping up when documents are uploaded to this site. Monitoring and alerting about files transferred to corporate sharepoint site creates a lot of noise and makes the feature unusable.
Can we have an option to whitelist https://XXXXXX.sharepoint.com/sites/ to exempt it from being monitored/Alerting for DLP ?

Many threat intelligence services offer MD5 or SHA hashes of known malicious files. It would be excellent if Sophos endpoint could report up to Sophos Central on file hashes that were either downloaded from the internet or received by email. Then a SIEM or similar tool could alert if a known malicious hash was detected.

For Intercept X

Could you please make a ZAP Toll equivalent for macOS as you do with Windows.

Allow email notifications for the Threat Center threat indicators. I can see "High Suspicion" files executed on an endpoint with no possible configuration for email notification.. (verified by Sophos tech support)

Please show full Path to threat/malware at the macOS Endpoint (don't know how the windows version behaves). Or make path clickable so that navigation to the needed folder is easier when manual removal is necessary).

Hello,

We are facing a problem. We have created a Web control filter under "Control sites tagged in Website Management" where we blocked drive.google.com

Despite of it being clocked, the site is accessible.