Block incoming and outgoing file transfer using anydesk application during remote session.

It would be great for the Sophos Central to have a place to import the USB information (e.g., Serial number or brand) to the exclusion list. To make the migration from other brands to Sophos more easily and customers more willing to migrate to Sophos.

In central console, Display private and public IP address both so that administrator can understand where endpoint client is.

On Sophos Central, just like on the server protection which Sophos agent able to see what applications are installed on the servers. On the endpoints should also has this inventory of application features. This will help to see what applications are suspicious and looking for unpatch applications.

Allow for Threat Search results to be exported as excel and/or CSV for use in a pivot table.

Add the ability to filter out based on the device name or allow boolean operations for username and device name.

Cryptoguard has detected a false positive detection of a client "attacking" a server. Fortunately it is a false positive, but there's no option to exclude the thumbprint of the client attacking a server, so Cryptoguard always recognizes this as an attack. There should be an exclusion for a client false-positively "attacking" a server.

OCR (optical character recognition) Sensitive Image Recognition provides the capability to extract text from images (scanned documents, screenshots, pictures, and so on) and from PDFs, enabling you to use new or preexisting text-based detection rules on this content.

We all know patch is very important in security. It would be very helpful for us if there is a patch assessment (like on the on-premise SEC) on Sophos Central Advanced.

It should also categorized reports based on its criticality, Critical, High, Medium, or Low like the patch assement on SEC.

I sometimes have tens of thousands of indicators of attack and compromise to run through the threat search, but I can do only 100 at a time. Increase the object limit to 500 or allow the importing of CSV's.

Hi,

Please Provide the device Serial Number on the Dashboard, which really helps in the industry to Track the machine Immidelty.

Also Reporting should be Improved with Large Visibility with PIE Chart & Category radio lines

I want to identify the machines in my network where Sophos AV is not installed. But I do not have any reports to do this, Is it possible to fetch these Details.

Today we were investigating a system that had been getting taken over by remote control. Sophos said the system was clean and RDP wasn't being used so we were baffled. Eventually, we found that there was a copy of NeSupport Client which was digitally signed and had an original file name of client32.exe, but had been renamed to wupdsvc.exe. I think it would be a good idea for Sophos to flag files that are digitally signed, but not their original name, as suspicious when doing a scan.

Hi to all,

when there is a communication problem between Endpoint and Central, the endpoint doesn't report any problem as long as you go under Status section.
In my company i had the case of a Windows 10 PC not showned under Central, but with no symptoms of malfunctiong from the Endpoint side,
This is a big problem, because i could have an endpoint infected with a malware without have an alert on Central.
From my point of view it's necessary to show an alert every X hours on the Endpoint that report this.
Thank you.

Please make it possible, to prioritize the different 2nd Factor Auth options. I use SMS token also as TOTP. I want to use TOTP as primary variant, but Sophos uses the SMS option every time as the first option. If i want to use TOTP, i have to manually switch the login method for this one time.
Please implement a function, that i can prioritize the different mechanisms.

Provide a Sophos AV scanning engine with API access for Nextcloud Linux servers like Kaspersky did.

Kaspersky partner up with Nextcloud and provide a Kaspersky Scan Engine which communicates with an app via an API and scans every uploaded file.
https://nextcloud.com/blog/nextcloud-and-kaspersky-partner-up-to-protect-users-from-malicious-files/
https://www.kaspersky.com/about/press-releases/2020_kaspersky-and-nextcloud-partner-to-add-protection-to-content-collaboration-technology

add icon to end point in virtual server to scan 1 server only or 1 file not all virtual servers

I put a few machines in the test group to test the newest version but, want to go back to the version we are using in our environment. Apparently, this is not supported. I need to test before deploying. Please enable the rollback option. Even if it does require that we have to uninstall/reinstall.