Applies to: Sophos Home for Windows
Sophos Home for Windows v 2.0.11 introduced a new feature called Artificial Intelligence (Machine Learning).
Machine learning can predict if a file is malicious pre-execution, without having seen it before, by examining its behavior. In addition to this, a database is cross-referenced at Sophos where customer feedback influences the decision.
Note: Sophos does not recommend adding exclusions unless you are 100% sure the application is safe. We recommend customers submit a sample of the application's executable (.exe) to Sophos' Lab for a review and, if needed, a re-categorization How to submit samples to Sophos Labs
You may also create exclusions for a specific file/location at your own discretion, following this article.
- Access your Sophos Home Dashboard
- Click on the affected machine
- Find the detection under New Activity or via the History tab
example (Note ML means this was a machine learning detection):
4. Click on Show Advanced Options
5. Under Did we get this wrong? click on Allow and Restore
6. You will now be prompted to restore and allow the application. This will restore the file, and send Sophos a report to re-evaluate the decision
Note: If more than one component from a company is detected, you will have the option to Restore and Allow All, which will restore and allow all applications from that vendor. Example below