Sophos API improvements to endpoint isolation, exclusions, and querying

Credit to Author: Doug Aamoth| Date: Thu, 25 Feb 2021 14:48:38 +0000

With the latest Sophos Central API release, you now have the ability to programmatically isolate infected machines from your network, ultimately achieving the fastest possible response to an outbreak.

This latest functionality allows you to perform the following tasks:

  • Endpoint Isolation: Remove an endpoint from the network and restore it when the threat has been cleared
  • Isolation Exclusions: Allow certain critical applications to continue to run over specified ports, regardless of device isolation
  • Endpoint Query: Query for all isolated endpoints, or receive isolation status of a single endpoint

For complete details, see the What’s New post in our developer portal. Also check out our API Community for help getting started and self-troubleshooting tips.

http://feeds.feedburner.com/sophos/dgdY