Sophos EDR is specifically named as a target of AI-automated evasion testing, where malware is iteratively tuned against Sophos EDR’s detection engine before operational deployment. No CVE is associated. The risk profile and remediation approach are structurally identical to the CrowdStrike Falcon item: detection confidence for tuned variants is reduced, and layered detection independent of endpoint telemetry is the primary mitigation.