Skip to content
Find out how we support MDR.

Forcepoint case studies

The Forcepoint NGFW integration may detect cases similar to the case below:

The Sophos MDR team received a detection from Forcepoint NGFW mapped under the MITRE ATTACK Technique as "Server Software Component: Web Shell", requiring an analyst to review the activity.

Reviewing the activity that generated the detection, we didn't observe any signs of suspicious activity.

Because this activity appears benign and no action is required, we'll resolve this case. If similar detections are generated for the same activity, we will look at suppressing the activity on our end.