Tool kit for incident response
Whenever I'm forced to do a manual cleanup, I invariably use the same tools, which are effective but scattered and sometimes difficult to use. It would be great if some of these items were packaged together and could be run from a "cleanup dashboard". A Swiss Army knife for repairing infected endpoints. Often, I'm responding to a new customer that doesn't have Sophos yet and this is my time to shine and SELL.
- Refined SOI tool (archaic and easy to accidentally shut down) that can pinpoint the faulty node without me poring over 25MB of text
- Sophos batch scripts for uninstalls, registry key hijacks, etc.
- Something like RKill to stop malware running in memory
If something like this could be developed for partners it would save me a ton of time and give me a vector to sell more product.