Sophos Endpoint Security and Control: What is a potentially unwanted application (PUA)?

KB-000033353May 15, 20230 people found this article helpful


Important
Our legacy Endpoint and Server Protection products, Managed on Premises and Standalone reached End of Life on 20 July 2023. Migrate to a suitable next-generation Sophos Central product which provides better overall protection. Please see the Migration center for more details.

Overview

Potentially unwanted applications (PUAs) are programs that are not malicious but are generally considered unsuitable for most business networks. Examples include, but aren’t limited to, adware, dialers, remote administration tools, bundleware, downloaders, aggressive monetizing software, uninstall tools.

 

Some PUAs can also be used for malicious purposes, such as network scanning tools and penetration testing tools. For more information on these, take a look at the KB Admin tool Detected as Potentially Unwanted Application(PUA)

 

If you believe a detection was made in error, review the following KB for Requests to re-categorize by third parties for PUA/Adware detections (possible Deceptor component). This is meant to provide steps on how to understand better the detections we make and provide us information on the PUA detection in case we need to re-evaluate the detection.

 

Product and Environment

Sophos Endpoint Security and Control
 

How to allow detected PUA

Sophos customers who wish to allow the detected PUA can do so by following the steps indicated in the following:  

Note: The above SEC PUA link is for version 5.5.2. Other versions of the same document (Enterprise Console Help HTML or PDF) can be found on the Enterprise Console page.

 

Related information

Sophos: Adware and PUAs


Sign up to the Sophos Support Notification Service to get the latest product release information and critical issues.
 




Was this useful?




Want to leave us some feedback?
Please visit the Product Documentation Feedback