Applies to: Sophos Home for Windows

Important: exclusions are added at your own risk. We recommend submitting a sample to Sophos Labs if you are unsure whether a file safe to exclude or not : Sophos- Submit a Sample

Machine learning can predict if a file is malicious pre-execution, without having seen it before, by examining its behavior. In addition to this, a database is cross-referenced at Sophos where customer feedback influences the decision.

How to exclude a file from Machine Learning

1. Access your Sophos Home Dashboard  
2. Click on the affected machine
3. Find the detection under New Activity or via the History tab

example (Note ML means this was a machine learning detection):

4. Click on Show Advanced Options 

5. Under Did we get this wrong? click on Allow and Restore

6. You will now be prompted to restore and allow the application. This will restore the file, and send Sophos a report to re-evaluate the decision

Note: If more than one component from a company is detected, you will have the option to Restore and Allow All, which will restore and allow all applications from that vendor. Example below

Related articles

• Setting scan exceptions
• Adding local exclusions/Allowing Installations and/or applications to run