Sophos Ideas / Endpoint Protection

Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Suggest an Idea...

← Endpoint Protection

Create 'tag' in the IDE's that shows what they are trying to detect.

We have 'sav-update' installed on our mail relays so they automatically download the latest detection IDE's.
It would be a good feature to know that the latest IDE is supposed to detect X-trojan, X-virus or X-worm.
We had an example where one of our customers asked if we now detected the Troj/Agent-ARJS Trojan and I had to reply 'I think so' rather than a definite 'yes'. If I could search the IDE's with the Unix 'strings' command looking for say Troj/Agent-ARJS and found a hit then that would be brilliant.
It should be a simple case of just putting a comment field in the IDE so that 'strings' picks it out e.g.

# strings gozi-ct.ide |grep -i TRO
Troj/Gozi-CTSECTide

Thanks

Andy

2 votes
Sign in
(thinking…)
Sign in with: Facebook Google Sophos Features & Ideas Laboratory
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

Anonymous shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

0 comments

Sign in
(thinking…)
Sign in with: Facebook Google Sophos Features & Ideas Laboratory
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close
Submitting...

Endpoint Protection: APT/zero day detection

Feedback and Knowledge Base

(thinking…)
icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.