Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

Endpoint Protection

Suggest, discuss, and vote on new ideas for Sophos Endpoint Protection. Comprehensive security for users and data

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Intercept X - Threat Case - Root Cause not Identified, No Threat Case

    After upgrading to Intercept X with EDR there are situations where a Threat Case is not created. Sophos Support mentioned a Threat Case was not forwarded to Central because a root cause could not be found. Even when a Root Cause cannot be identified consider creating a Threat Case so customers have access to the additional context information. Perhaps set the beacon as the root cause.

    "Note: Threat cases are only created for malicious detections; this does not include detections for PUAs, Application Control, Device Control, Web Control. Additionally if Sophos isn't able to automatically confirm a root cause, a…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Next Generation Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  2. Ability to change Network card binding order

    Servers with multiple network cards. Endpoint binds to the wrong network card.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Next Generation Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  3. Intercept X - JAR files

    Intercept X does not appear to process JAR files - malware like Java Adwind seems to get past Intercept X. Are there plans to have Intercept X / Sophos ML to process JAR files? This woud provide much needed heuristic detection of this common family/type of malware.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Next Generation Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  4. Intercept X - Detect Malware Downloaders (Macro's, PDFs, etc]

    Intercept X is great for detecting new executable malware, however it does not seem great at detecting malware downloaders, e.g. Office macro or PDF downloaders.
    Can Intercept X be enhanced so it looks for Office documents that spawn powershell/cmd/BITSAdmin or any other application that can be used to download executable content? This will provide an additional layer of defence in depth that an adversary has to bypass in order to infect a system.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Next Generation Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  5. Monitoring mode for Exploit Prevention

    There should be a monitoring mode for exploit prevention ( detection is on but blocking is off )
    so we can initally test what can the impact be and what kind of applications will be blocked by exploit prevention.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Next Generation Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  6. Heartbeat

    The security heartbeat only works if the end point has direct internet access. Please can you allow the heartbeat to use the same internet settings (proxy server) as the workstation.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Next Generation Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  7. Is it planned to merge Enterprise Console with Sophos Central in the future, to have all features of both, something like "hybrid cloud"

    It would be nice to have the extended security of the cloud also on the On-Premises Version, but without the drawbacks like automated Client Version Upgrades and no Push-Client Installation possible...

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Next Generation Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  8. Include in the exclusion process to automatically exclude files touched by a specific process

    We have some applications that are used to monitor/scan files across a system and being able to exclude any file it touches during the time it is opening that file would alleviate process impact on the system, and prevent locks on files which could cause issues with the parent application.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Next Generation Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  9. Sophos cloud Linux workstation AV endpoint

    Please provide a Linux workstation license for Sophos Cloud. For users that have linux desktops, we don't have an option if we want to use Sophos Cloud for our management service.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Test Azure
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Next Generation Endpoint  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.