Parsh

Level 24
Verified
Trusted
Malware Hunter
Hey Kev, just watched it.. awesome tour video :) You're right, it's overall light but with some lags caused when many malware are detected. That's it.

The management console and provisions are laudable. I'm sure you liked the tour of options just like I did ;)
Though having no option to configure offline (an ON/OFF toggle with maybe a password could do) can be problematic. You temporarily deactivate it, (if) a fairly long connection loss occurs —> you'll get mad at it!
It sometimes takes good amount of time to reflect changes of configuration, even on 4G.

GUI bugs and 'Quarantine' aside, Unlike most other AVs, it doesn't wipe the original sample out in most cases as we saw. Instead it blocks/cleans the triggered malicious process. Won't that be a problem if the malware file remains on your disk and you've to share its parent folder with someone?!
Getting to know which file triggered the malware can be an issue after the triggered malicious process is cleaned (since GUI logs are cleaned), though you can access the logs from the web portal.
It's basically meant for those users who regularly (can/do) rely on network access for such tasks. And quite handy to monitor remotely for sure.
 

Parsh

Level 24
Verified
Trusted
Malware Hunter
I kinda have a weird feeling about this, it seems like they took HMPA and HMP and put a different UI / web management panel on it.
Except that BD and Kaspersky engines from HMP aren't included.. and some traditional Sophos features are present.

That's a given considering they bought Surfright
HitmanPro.ALERT Support and Discussion Thread
But how they intend to use HMP or change their approach is unpredictable. If they intend to use HMP completely (In-house + Kasp + BD) they would have already done that. But the focus here, for the AV part, is Sophos engine, accompanied by HMPA.
If they add Kasp + BD engines for any modes of protection, that would be great!
 

mekelek

Level 28
Except that BD and Kaspersky engines from HMP aren't included.. and some traditional Sophos features are present.


But how they intend to use HMP or change their approach is unpredictable. If they intend to use HMP completely (In-house + Kasp + BD) they would have already done that. But the focus here, for the AV part, is Sophos engine, accompanied by HMPA.
If they add Kasp + BD engines for any modes of protection, that would be great!
sooo it's a worse version of HMPA, meanwhile HMPA is getting a big update.
well that's underwhelming.
 

Parsh

Level 24
Verified
Trusted
Malware Hunter
sooo it's a worse version of HMPA, meanwhile HMPA is getting a big update.
well that's underwhelming.
I did not write regarding HMPA's performance/version. But the company must be integrating the latest of HMPA into their 'Premium Home Beta' since it's intention clearly is upping their game!
Only if they wish to test HMPA individually and then include that version in Premium Home Beta, then what you said could be possible; but I think they shouldn't be doing that, since this new Premium Home is 'Beta' ..
 

mekelek

Level 28
I did not write regarding HMPA's performance/version. But the company must be integrating the latest of HMPA into their 'Premium Home Beta' since it's intention clearly is upping their game!
Only if they wish to test HMPA individually and then include that version in Premium Home Beta, then what you said could be possible; but I think they shouldn't be doing that, since this new Premium Home is 'Beta' ..
I know.
Well they seem to have a different product with the "older" (newer meaning the beta of HMPA) HMPA atm. I wonder if they will just change up the UI a bit more and keep it like that while HMPA is getting different updates.

Or are they gonna put HMPA's recent versions under this "Premium Home" product and target a different audience?
 

Parsh

Level 24
Verified
Trusted
Malware Hunter
I know.
Well they seem to have a different product with the "older" (newer meaning the beta of HMPA) HMPA atm. I wonder if they will just change up the UI a bit more and keep it like that while HMPA is getting different updates.

Or are they gonna put HMPA's recent versions under this "Premium Home" product and target a different audience?
Our thoughts converged at the same question. I'll try contacting them or get some details on their forum.
 

mekelek

Level 28
Our thoughts converged at the same question. I'll try contacting them or get some details on their forum.
got this answer on the other forum:
I'm not positive how the update process with work with Sophos Home and HMPA; if they will be updated simultaneously or on their own schedule. That said, I would say it's safe to assume that improvements to HMPA would also happen to Sophos Home. Both products are under the Sophos roof and we want to utilize good tech that we have.
doesn't seem like they know it yet either :D:D
 
  • Like
Reactions: kev216 and Parsh

Janl1992l

Level 13
Verified
I kinda have a weird feeling about this, it seems like they took HMPA and HMP and put a different UI / web management panel on it.
Well, they use there own av/webblock methode. They have a silent hips too and some proactive module. Sophos is well known in the industrie and one of the rare good ones for the industrie, like Norton. U can be sure that the new sophos will be way more than only hmpa and hmp combiend with a different ui. i tested it abit and well, it does realy, realy well against malwares and not only because hitmanpro alert or hitmanpro. I am almost 100% sure that it will be a keeper and a top home security product. Sophos is a quality company, trust me. :) Just look at there products like the xg firewall. They are outstanding.
 

_CyberGhosT_

Level 53
Verified
Trusted
Content Creator
I did not write regarding HMPA's performance/version. But the company must be integrating the latest of HMPA into their 'Premium Home Beta' since it's intention clearly is upping their game!
Only if they wish to test HMPA individually and then include that version in Premium Home Beta, then what you said could be possible; but I think they shouldn't be doing that, since this new Premium Home is 'Beta' ..
Hey Parsh :)
what i think they may be doing, is they will see which way the users go with HMPA major updates and Sophos Home Beta popping up
and the one that generates the most interest or revenue will be the "keeper" the other will silently fade into the background.
This is not uncommon and makes sense for Sophos seeing both are viable products.
We may see a "weeding out" of sorts coming on the horizon. Interesting to watch play out either way.
 

mekelek

Level 28
Well, they use there own av/webblock methode. They have a silent hips too and some proactive module. Sophos is well known in the industrie and one of the rare good ones for the industrie, like Norton. U can be sure that the new sophos will be way more than only hmpa and hmp combiend with a different ui. i tested it abit and well, it does realy, realy well against malwares and not only because hitmanpro alert or hitmanpro. I am almost 100% sure that it will be a keeper and a top home security product. Sophos is a quality company, trust me. :) Just look at there products like the xg firewall. They are outstanding.
I'm not questioning this, although the results of Sophos Home in the Malware testing section is supbar at best at the moment.

Hey Parsh :)
what i think they may be doing, is they will see which way the users go with HMPA major updates and Sophos Home Beta popping up
and the one that generates the most interest or revenue will be the "keeper" the other will silently fade into the background.
This is not uncommon and makes sense for Sophos seeing both are viable products.
We may see a "weeding out" of sorts coming on the horizon. Interesting to watch play out either way.
that would make sense if HMPA wouldn't be having a Beta that has all the new fancy features :D
 
Last edited:

Parsh

Level 24
Verified
Trusted
Malware Hunter
Hey Parsh :)
what i think they may be doing, is they will see which way the users go with HMPA major updates and Sophos Home Beta popping up
and the one that generates the most interest or revenue will be the "keeper" the other will silently fade into the background.
This is not uncommon and makes sense for Sophos seeing both are viable products.
Oh, I get it! That can be the case as you said such methods are used elsewhere too. They may keep some differences b/w HMPA standalone and the one integrated in Home Beta for their own reasons of evaluation.

But they should continue to keep HMPA in Home at its best. Be it anything, Sophos Premium Home (B) should be kept at optimal advancements to get the best feedback from the fast growing users.
 

Parsh

Level 24
Verified
Trusted
Malware Hunter
the results of Sophos Home in the Malware testing section is supbar at best at the moment.
While the performance still seems subpar compared to others for sure, they've made significant improvements with some decisions that has upped their position for sure.

Many AVs having powerful signatures and heuristics detect Trojans and other threats (speaking of Trojans because most of those undetected by Sophos were Trojans) are detected by matching earlier ie. static ways.
Sophos has been having weak signatures and so it leaves a good no. of malware after static scan.

1. However, it is possible than not all Trojans (and others) carry out malicious actions soon after launch (and these were probabky already detected by static scans by other AVs irrespective of when would they have carried out malicious actions) and hence Sophos didn't act immediately.
I know it doesn't apply to many malware and this might not be true in most cases, but this is possible.

2. Based on point 1, I think Sophos doesn't act immediately if strong evidence or action is not observed by its behavior monitor. Some PUAs and probably harmless scripts on MH (yeah, that happens since not all are always malicious) are skipped entirely leading to smaller count of detections.
Many AVs detect files based on small suspicious behaviors while Sophos might not always.

Just my observations and thoughts on what can be some reasons behind smaller detection ratios. Small or big, infections are not tolerable and Sophos still has to improve, and it will, with their long Beta and improvement plans.
 

Parsh

Level 24
Verified
Trusted
Malware Hunter
I have sent an email requesting some information.. but I'm not able to login with my Sophos email ID and pwd (that I used for applying for Premium Home Beta) to login to the Sophos Community for support discussions. Email id isn't recognized.

@mekelek any idea, if Sophos Community login require some different/new ID?
One needs it to log-in before posting.
 

mekelek

Level 28
I have sent an email requesting some information.. but I'm not able to login with my Sophos email ID and pwd (that I used for applying for Premium Home Beta) to login to the Sophos Community for support discussions. Email id isn't recognized.

@mekelek any idea, if Sophos Community login require some different/new ID?
One needs it to log-in before posting.
no idea, but it's kinda standard nowadays that they have a separate database for the product and for the forum in case the forum CMS has a hole in it.
 
  • Like
Reactions: kev216 and Parsh