Allowed applications

Our software may sometimes detect an application as a threat when you know it is safe.

If you have allowed applications in Sophos Central Admin you can't see them in the list of allowed applications in Sophos Central Partner.

Any applications that you allow in Sophos Central Partner are merged into the list of allowed applications in Sophos Central Admin when you push a template to your customers.

About allowed applications

Our software detects threats that are previously unknown. However, it may sometimes identify an application as a threat, even though you know that it’s safe. When this happens, you can “allow” the application. This does as follows:

  • Prevents this detection from happening again.
  • Restores all copies that have been cleaned up (removed from computers).

Alternatively, you can allow an application in advance, so that it won't be detected when you install it for users. Think carefully before you do this as it reduces your protection.

Allow an application in advance

You can allow an application in advance, so that it won't be detected when you install it for users.

Only allow an application if you know it's safe but think it might be detected as a threat. Think carefully as doing this reduces your protection.

Note that:

  • You can allow the application by using its path (location), SHA-256 and certificate.
  • This allows the application to start, but we’ll still check the application for threats, exploits and malicious behavior when it's running.
  1. On the Global Settings page, click Allowed Applications.
  2. Select the method of allowing the application:
    • Certificate: This is recommended. It also allows other applications with the same certificate.
    • SHA-256: This allows this version of the application. However, if the application is updated, it could be detected again.
    • Path: This allows the application as long as it's installed in the path (location) shown. You can edit the path (now or later) and you can use variables if the application is installed in different locations on different computers.
  3. Enter a path. You can use variables if the application is in a different location on different computers.

Edit the details for an allowed application

You can change the details that you specified when you allowed an application.

  1. On the Allowed Applications page, find the application.
  2. Click the edit icon (the pen) on the far right of the page.
  3. Enter the new information.

When you edit a path, details of the original detection (user, computer and path) are removed from the list.

Start detecting an application again

If you want Sophos to start detecting and removing an application again, remove it from the Allowed Applications list.

Select the application and click Remove (in the upper right of the page).