Recent Searches

No recent searches

    Popular Articles

      Articles
      View all
        Topics
        View all
          Tickets
          View all
            no results

            Sorry! nothing found for

            Intercept X - How to Report False Positives

            Modified on Thu, 10 Aug, 2017 at 3:12 PM

            Intercept X - How to report false positives

            • 125439
            • 26 Oct 2016
            • 0 people found this helpful
            • English | Español | Italiano | 日本語 | Français | Deutsch

            This article details how to raise issues for potential false positives with Intercept X, along with the available workarounds,

            Applies from the following Sophos product(s) and version(s)
            Central Intercept X 11.5.0

            What To Do

            1. CryptoGuard Ransomware Protection

              1. Perform the following options:

                1. Reboot the computer
                  • If the detection is valid it will trigger again. However, this initial reboot may resolve the issue.
                2. Do nothing, the application will continue to be blocked
                3. Turn off CryptoGuard ransomware protection in the policy to prevent the detection. (You may want to limit this to the affected computer/s).

              2. Open a support ticket and provide the following information:

                1. Information on the application triggering the detection.
                2. The output of the Sophos Diagnostic Utility.

                  Note: This Utility can be launched from the Sophos Endpoint user interface. Click on About and then Run Diagnostic Tool.

            2. Exploit Mitigation

              1. Perform the following options:

                1. Reboot the computer
                  • If the detection is valid it will trigger again. However, this initial reboot may resolve the issue.
                2. Do nothing, the application will continue to be blocked
                3. Turn off Exploit Mitigation in the policy to prevent the detection. (You may want to limit this to the affected computer/s).
                4. Set an exclusion for the application under System Settings | Exploit Mitigation Exclusions.
              2. Open a support ticket and provide the following information:

                1. Information on the application triggering the detection.
                2. The output of the Sophos Diagnostic Utility.

                  Note: This Utility can be launched from the Sophos Endpoint user interface. Click on About and then Run Diagnostic Tool.

            Related information

            Article appears in the following topics

            Was this article helpful?

            That’s Great!

            Thank you for your feedback

            Sorry! We couldn't be helpful

            Thank you for your feedback

            Let us know how can we improve this article!

            Select at least one of the reasons
            CAPTCHA verification is required.

            Feedback sent

            We appreciate your effort and will try to fix the article

            Preview
            0 of 0