Hello all, We are due to update our EAP agent during the week of 21st September; this update has some small fixes in it and will allow us to start enabling IPS and our new behavioral engine.  Note: After…

For query assistance, please see the following Best Practices guide

The Sophos UK Sales engineering team has been getting familiar with live discover. In the work they explored group policy and provided…

Last week SophosLabs published a report about the Glupteba malware. According to Sophos Labs this malware family has been growing in numbers. "This malware, with its hard-to-pronounce name, has been getting regular…

In the next two weeks we will be fully launching the EDR Live Discover for LINUX.

The capabilities on Linux are simply astounding, we have been busy creating the prebuilt queries and finishing the last…

For query assistance, please see the following Best Practices guide

See the story from SophosLabs Uncut on KingMiner: https://news.sophos.com/en-us/2020/06/09/kingminer-report/

The article is both educational…

For query assistance, please see the following Best Practices guide

We have added a new table to the sophos forensics journals. The sophos_process_activity table.

Often as part of an investigation you need…