no eicar.com auto detection Big Sur

I successfully installed Sophos InterceptX Advanced with EDR on a new Mac OS X Big Sur install. I completed the tasks to ensure that it was installed correctly from the KB article: HOW TO: Confirm the Endpoint is Protected - Recommended Reads - Big Sur EAP - Sophos Community. However, if I download the eicar test files, they are NOT immediately detected. I have to open them or manually scan them in order to get a detection. I have downloaded the file both as .com and .zip with Safari and Chrome. Same behavior in all situations.

Top Replies

  • Hi John.

    Thanks for the feedback. From your description, everything is working as expected, as HTTPS scanning of downloads isn't part of the feature set and the protection kicks in when an attempt is made to open the file. We've reviewed the 'how to' and realized that this is missing; we'll update it to be more explicit.
