SOPHOS
-
On the Sophos console, navigate to Policies > Base Policy - Lockdown Settings
-
Ensure that the files and folders mentioned in the table below are added as to the Allowed list:
Value Type C:\Program Files (x86)\Virsec\bin\ Folder C:\Program Files (x86)\Virsec\bin\vsp-cli.exe File C:\Program Files (x86)\Virsec\lib\vsp-inject.dll File C:\Program Files (x86)\Virsec\lib\vsp-mem-protect.dll File C:\Program Files (x86)\Virsec\lib\vsp-sbuf.dll File C:\Program Files (x86)\Virsec\log Folder C:\Program Files (x86)\Virsec\vsp_memory\compatibility_tool\client\hybrid.dll File C:\Users\Administrator\Downloads\Malware\Executables\ Folder C:\Users\Administrator\Downloads\vsp-host-vm\vsp-host-vm Folder (Installation path of the system) C:\Users\Administrator\Downloads\vsp-host-vm\vsp-host-vm\vm-install.bat File C:\Users\Administrator\Downloads\vsp_install_vm.bat File Table – Sophos Allowed List
-
Ensure that the folders mentioned below are added as to the Exclusion list:
-
Windows:
-
(?i)C:\\+Program Files \(x86\)\\+Sophos.*
-
(?i)C:\\Program Files\\Sophos.*
-
(?i)C:\\Windows\\System32\\SophosAV.*
-
-
Linux:
-
/opt/sophos-spl/plugins/.*
-
-