Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 1 subscriber
  • Views 4455 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Send a sample with one click

zaino_unipmn_it

Could I suggest to send a sample using "Sophos Endpoint and Security Control"?

Usually virus starts from RUN regkey, autostart folder and so on. The software could search all autorun application, running applications and suggest which of them could be sent to Sophos Laboratory without compiling the web form (you already have our contact data, in sending sample you also could acquire PC id, name, ip...). It could be more rapid. Sometimes I couldn't send sample because I'm on a PC owned by another user even if it has Sophos installed but I don't have any pen drive for saving a sample (if system permit it). Other times I send sample with some hour of late.

Thanks, for your attention,

Dott. Marco Zaino

Università del Piemonte Orientale

Alessandria, ITALY

:35731


This thread was automatically locked due to age.
Parents
  • 0

    Hi,

    I sent in a feature request for something similar.

    However, I wanted it from the Enterprise Console - hence only admins would have this feature and not the end users themselves, thus preventing the issue of flooding Labs with samples.

    How I envisioned it would be, HIPS and Detect Malicious and Suspicious Behaviour and files would be turned on so that Sophos is detecting strange files (e.g. regmod behaviour is a common one). When an alert comes up, in the Resolve Alerts/Warnings section, there could be an extra button next to Acknowledge which allows the admin to select the files causing the alerts and then submit them to Labs for analysis. 

    :35845
Reply
  • 0

    Hi,

    I sent in a feature request for something similar.

    However, I wanted it from the Enterprise Console - hence only admins would have this feature and not the end users themselves, thus preventing the issue of flooding Labs with samples.

    How I envisioned it would be, HIPS and Detect Malicious and Suspicious Behaviour and files would be turned on so that Sophos is detecting strange files (e.g. regmod behaviour is a common one). When an alert comes up, in the Resolve Alerts/Warnings section, there could be an extra button next to Acknowledge which allows the admin to select the files causing the alerts and then submit them to Labs for analysis. 

    :35845
Children
No Data