Changes

These are the new and changed help pages in this release.

New pages

• Sophos MDR onboarding
• Data Collection and Investigation policy
• Server Data Collection and Investigation policy
• AP6 usage insight
• Configure DMARC Reporting
• DMARC Migration Guide
• Rule Type
• Attachment File Types
• Message Attributes
• Keywords
• Actions
• MDR reports
• MDR weekly reports
• MDR monthly reports
• MDR threat hunting report
• MDR settings
• MDR threat response
• What MDR Operations team can do
• Install Sophos agent
• Install Sophos agent on Windows or macOS
• Install Sophos agent on Linux
• MDR Service Tiers
• MDR Essentials
• MDR Complete
• MDR investigations
• MDR investigation methods
• MDR and MITRE ATT&CK
• Handle active incidents
• MDR Ops team response
• How to open an MDR case
• MDR self-help
• Active malware incident
• Identify malware types
• Deal with unknown malware
• Deal with false positives
• Ransomware remediation
• TrickBot or Emotet remediation
• Coin miners remediation
• Malicious LNK worm remediation
• Self-help extra resources
• MDR best practices
• Microsoft 365 and Entra ID security
• Microsoft 365 and Exchange Online security
• Get help with MDR
• Get help from the MDR Operations team
• Get help from Product Support
• ITDR
• Identity Risk Posture
• Risk Posture Score
• Findings
• Credential Compromise
• My Environment
• Identity Details
• Identity Settings
• ITDR integration guide
• ITDR frequently asked questions
• L3 protocols
• QoS
• Aryaka integration overview
• Integrate Aryaka
• Integrate Cato
• Overview of the Cisco Firepower integration
• Overview of the Cisco Umbrella integration
• Integrate Darktrace DETECT
• Darktrace integration case studies
• Overview of the FortiAnalyzer integration (Log collector)
• Integrate Trend Micro Apex Central

Substantial changes

The following pages each contain a large number of changes:

• Languages
• Account Health Check
• EDR and XDR
• AI Search
• Data Lake queries
• Data Lake uploads
• Data Control summary
• Integration Credential Manager
• Exploit mitigation exclusions
• S/MIME email encryption setup
• Wireless Dashboard
• Usage insight
• Diagnostics
• Mesh networks
• Troubleshooting mesh networks
• APX Settings
• Integrate with external services
• Email sending limits and privileges
• DMARC Manager
• DMARC Manager portal
• Add rule
• Firewall information
• Tasks Queue
• MDR
• MDR preferences
• MDR telemetry settings
• Allow regional IP ranges for external vulnerability scans
• Switch management
• VLANs
• Discovery
• Networks
• Routes
• SNMP
• Stack management
• Sophos NDR on Nutanix
• Sophos NDR on hardware
• Overview of the Cato integration
• Overview of the Darktrace DETECT integration
• Overview of the Trend Micro Apex Central integration
• Deploy appliances

Minor changes

The following pages have minor changes:

• Getting started
• Activate your account and get software
• Onboarding guides
• Sophos Endpoint onboarding
• Install software
• About authentication
• Early Access Programs
• Legal Notices
• Endpoint license usage and calculation FAQs
• Email license expiration and exceedance
• Activate Your License
• Unsupported Sophos products
• User Events
• Directory service
• Active Directory synchronization installation FAQ
• Security permissions on macOS
• Encryption
• Domains and ports to allow
• Installer command-line options for Windows
• Computers
• Computer Summary
• Computer Events
• Delete device
• Server Summary
• Server Events
• Server restarts
• Administration role details
• Administration roles summary
• Administration Roles for Sophos XDR
• Add a custom role
• Manage dashboards
• Health check scores
• Fix protection improvement
• Alerts
• Alerts for Threat Protection
• Alerts for installation and compliance
• Deal with outbreaks
• Deal with PUAs
• Deal with web browser attacks
• Deal with application lockdown events
• Stop detecting an exploit
• Data fields for Search
• Device Exposure
• Threat Graphs
• Threat Graph analysis
• Process details
• Live Discover
• Data Lake storage limits
• Set up and start Live Response
• Give admins access to Live Response
• Scheduled queries
• Cases
• Investigate cases
• Detections
• Threat lineage
• Logs and Reports
• Processed report
• Message Details
• Rejected report
• Attack Details
• Message Summary report
• SophosLabs Analysis Report
• Intelix Threat Summary
• Time of Click Summary
• At risk users
• Post-delivery summary report
• API Credentials Management
• Website Management
• Software packages
• Global Exclusions
• Encryption Recovery Key Search
• Blocked items
• What happens when you allow an address or domain?
• DKIM keys
• S/MIME settings
• Business Email Compromise
• Account compromise
• Add Internal VIPs
• Add External VIPs
• Import and export VIPs
• Delete VIPs
• Post-delivery protection
• Threat Protection Policy
• Update Management Policy
• Recover Windows endpoints
• Recover Mac endpoints
• Unlock APFS volumes with Terminal commands
• Server Threat Protection Policy
• Server Update Management Policy
• Server Linux Runtime Detection Policy
• Events
• Access points
• Access point details
• SSIDs
• Settings
• SSID advanced settings
• Create a mesh network
• FAQ
• Sites
• Troubleshooting
• Configure journaling for M365
• Reverse Microsoft 365 changes
• Outbound email for Microsoft 365
• Outbound email for Google Workspace
• Outbound email for Exchange and other clients
• Email Security Dashboard
• Mailboxes
• Quarantined Messages
• DMARC Manager summary
• Email Security policy
• Country of origin
• Language detection
• URL and QR code protection
• Data Control policy
• Content Control Lists
• Secure Message policy
• Secure message methods
• Firewalls
• Add firewalls
• Add a firewall with Zero Touch
• Manage an SD-WAN connection group
• Campaign type
• Sending domains and IPs
• Cloud Native Security
• Investigation Console
• Managed Risk internal scans
• Switches
• Port settings
• Site management
• Gateways
• Get started
• Products
• Sophos integrations
• Sophos NDR on ESXi or Hyper-V
• Sophos NDR on AWS
• Sophos NDR on Dell hardware
• Sophos NDR on NUC hardware
• Sophos NDR on OnLogic hardware
• Sophos NDR appliance size guide (hardware)
• Integrate Acronis Cyber Protect
• Integrate AppOmni
• Integrate Armis
• Integrate Auth0 (API)
• AWS CloudTrail
• Integrate an existing AWS CloudTrail
• AWS CloudTrail integration script
• AWS Security Hub
• Integrate Barracuda CloudGen
• Blackberry CylanceOPTICS
• Integrate Check Point Quantum Firewall
• Cisco integrations
• Integrate Cisco Duo
• Integrate Cisco Firepower
• Integrate Cisco ISE
• Integrate Cisco Meraki (API)
• Integrate Cisco Meraki (Log collector)
• Integrate Cisco Umbrella
• Integrate CrowdStrike Falcon
• Integrate F5
• Integrate Forcepoint
• Fortinet integrations
• Integrate Fortinet FortiAnalyzer (API)
• Integrate Fortinet FortiAnalyzer (Log collector)
• Integrate Fortinet FortiGate
• Integrate Google Workspace
• Integrate Jamf Protect
• Integrate ManageEngine ADAudit Plus
• Microsoft 365 integrations
• Microsoft 365 Management Activity
• Microsoft 365 Response Actions
• MS Graph security API (Legacy)
• MS Graph security API V2 integration
• Integrate MS Graph security API V2
• Mimecast integration
• Integrate Mimecast 1.0
• Integrate Mimecast 2.0
• Integrate Okta
• Orca Security integration overview
• Integrate Orca Security
• Integrate Ordr
• Integrate Palo Alto PAN-OS
• Proofpoint Targeted Attack Protection integration overview
• Integrate Proofpoint Targeted Attack Protection
• Integrate Rubrik
• Integrate Secutec SecureDNS
• Integrate SentinelOne Singularity Endpoint
• Integrate SonicWall SonicOS
• Integrate Thinkst Canary
• Integrate Trend Micro Cloud App Security
• Integrate Trend Micro Email Security
• Integrate Trend Micro Vision One
• Integrate Ubiquiti UniFi
• Integrate Vectra AI
• Integrate Veeam Backup & Replication
• Veeam integration case studies
• Integrate WatchGuard Firebox
• Integrate Zscaler ZIA
• Integration appliances
• Appliance requirements
• Add appliances
• Integration licenses
• Beta integrations
• AI assistant
• Generative AI features FAQs