Sophos Ideas / Endpoint Protection

Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Suggest an Idea...

← Endpoint Protection

Create 'tag' in the IDE's that shows what they are trying to detect.

We have 'sav-update' installed on our mail relays so they automatically download the latest detection IDE's.
It would be a good feature to know that the latest IDE is supposed to detect X-trojan, X-virus or X-worm.
We had an example where one of our customers asked if we now detected the Troj/Agent-ARJS Trojan and I had to reply 'I think so' rather than a definite 'yes'. If I could search the IDE's with the Unix 'strings' command looking for say Troj/Agent-ARJS and found a hit then that would be brilliant.
It should be a simple case of just putting a comment field in the IDE so that 'strings' picks it out e.g.

# strings gozi-ct.ide |grep -i TRO
Troj/Gozi-CTSECTide

Thanks

Andy

2 votes
Sign in
Check!
(thinking…)
Reset
or sign in with
  • sso
  • facebook
  • google
    Password icon
    Forgot password?
    Create a password
    Signed in as (Sign out)
    Close
    Close

    We’ll send you updates on this idea

    Anonymous shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    0 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • sso
    • facebook
    • google
      Password icon
      Forgot password?
      Create a password
      Signed in as (Sign out)
      Close
      Close
      Submitting...

      Endpoint Protection: APT/zero day detection

      Feedback and Knowledge Base

      (thinking…)
      icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.