Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Suggest an Idea...

Create 'tag' in the IDE's that shows what they are trying to detect.

We have 'sav-update' installed on our mail relays so they automatically download the latest detection IDE's.
It would be a good feature to know that the latest IDE is supposed to detect X-trojan, X-virus or X-worm.
We had an example where one of our customers asked if we now detected the Troj/Agent-ARJS Trojan and I had to reply 'I think so' rather than a definite 'yes'. If I could search the IDE's with the Unix 'strings' command looking for say Troj/Agent-ARJS and found a hit then that would be brilliant.
It should be a simple case of just putting a comment field in the IDE so that 'strings' picks it out e.g.

# strings gozi-ct.ide |grep -i TRO
Troj/Gozi-CTSECTide

Thanks

Andy

2 votes
Sign in
Check!
(thinking…)
Reset
or sign in with
  • sso
  • facebook
  • google
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Anonymous shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    0 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • sso
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      Submitting...

      Feedback and Knowledge Base

      icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.