Get answers and solutions, initiate discussions, and connect with experts globally
Read recent answers to common queries in the most viewed Troubleshooting Articles
Issue: When an WithSecure endpoint product is installed on a computer or server, there is high CPU or memory (RAM) usage and applications are experiencing performance issues. The connectivity of some applications can also be slow or blocked completely. Issue affects all WithSecure clients: * Elements Endpoint Protection…
Issue: I would like to register my Policy Manager Server which is not connected to a network (offline), how do I proceed?Resolution: * Contact WithSecure support by opening a support request here. * Provide the following information for WithSecure technical support to create an offline registration file: * Account Name *…
Issue: Getting an error of "Your login to WithSecure™ Partner Portal failed. Please try using a different browser, or you can open a support ticket at: https://www.withsecure.com/en/support " when logging into Partner Portal. Resolution: This error message appears typically when user has an existing WithSecure user…
Issue: How to reset two factor authentication (2FA) for a WithSecure Business Account (Elements, Partner Portal, eService Portal) user account. Example scenarios:* User has a new mobile device and wants to move or transfer the authenticator to the new device * Device that had the multi factor authentication (MFA)…
Issue: WithSecure Elements Endpoint Detection and Response (EDR) detects a safe application (e.g. an in-house application). How to whitelist the detection?Resolution: You can close the Broad Context Detection (BCD) as "Accepted behavior", to create suppression rule that can accept the behavior of a user or a process. To do…
Issue: Real-time scanning or DeepGuard has detected a file to be malicious. How to submit a sample file to Virus labs to find out if it is a false positive? What if a possibly malicious file has not been detected, how to submit a sample file to virus labs to find out if it is a false negative?Resolution: If you suspect…
You currently have limited access, but there's a wealth of content to explore! If you need assistance or have any questions, we're here to help.
Hello. Would it be possible to add a Linux installer for computers to the installation agent download?
2025 was an incredible year for the WithSecure Community - thanks to you! Check out our end of year video here: https://youtu.be/WcU0A3nZipc Big news: 🏆 Our Community has been nominated for two industry awards! Don't forget to vote! Behind the scenes: Want to know what goes on behind the scenes at WithSecure Community?…
To keep you informed, we’ll share a weekly roundup of the most viewed troubleshooting articles, questions, and ideas from the WithSecure Community. 🔖Stay in the loop: simply bookmark this discussion and you'll receive a notification whenever we post the latest digest.
Customers are asking about whether EDR can detect exploitation of CVE-2025-55182 and CVE-2025-66478 What would be the chain of execution and associated score in case of compromission ?
Hello, We are using WithSecure Elements Endpoint Protection (Windows) with Software Updater enabled on a large Windows workstation fleet. Updates for most third-party applications install correctly, but 7-Zip consistently fails to update. Issue Application: 7-Zip (vendor: Igor Pavlov) Result: Update installation fails…
We want our users to have the most up-to-date information, and the What's New page is the perfect way to stay informed about the latest updates and enhancements to Elements. Here you will find links to the monthly What's New in Elements. If you would like to be notified whenever we update our What's New in Elements,…
Hi WithSecure, one best method to detect any malicious actor in one network is the capacity to deploy decoy hosts and servers, and monitor for unauthorized access. After detect unauthorized access the EDR can be execute automatic playbook.
Hi WithSecure, identify active communications as malicious sites to protect against malware distribution, phishing, and known C2C based communication should be a best method to detect and anticipate intrusions or attacks (example deploy ransonware).
Exposure Management Exposure Management (including XM for Business and XM Frontline Add-on) Changelog Exposure Management for Cloud Changelog Vulnerability Management Portal Changelog Vulnerability Management System Scan Changelog Vulnerability Management Scan Node Agent Changelog Vulnerability Management Discovery Scan…
Is it possible to suggest software for inclusion in the patch management system? In our case, we use NetExtender (already part of patch management system) and the Banyan desktop Client from SonicWall (not part of patch management system). Sonicwall CSE - Download App Sorry if i missed any official way to do it. Regards…
Dear all, is there a way to automatically force update specific apps only (not the manual way) ? There are known programs (e.g. Microsofts Powertoys, OneDrive…) which are running in the background and needs to be closed first. Users usually simply cancel the update which then requires additional manual effort to keep these…
Hi, We have customer who has critical sensitive user data in use, and they need firewall rules that block all outbound and inbound traffic except allowed. We can achieve this using "critical workstation" firewall profile and then allow needed ip-addresses. However, one program (autodesk autocad) needs constant connection…
Hi, I lately have some Unsafe URL Detections within the collaboration Protection detections. In our policy we have 2 settings under exchange : Malicious url and Suspicous url. Both Are on Quarantaine. What is best practice here? How can we see if the Detection is with the Malicious or Suspicious setting? Because in the…
There was a update for the ESC a few months ago. Since then, working with this system is not possible anymore from my point of view. In the earlier version, Devices Views were able to open in a new Tab. Now I can go forward to deep dive in a device, but there is no way back. This means, all Filters or views are set back…
The title may be confusing, so here ist the Question again with a example: If I turn off the security feature "Allow user to uninstall the product" in a windows-profile, and the trigger "turn off security features" on a device with that profile assigned, it only disables the client for about 10-30 seconds instead of the…
How to identify Windows 10 devices which have ESU activated ? Should such devices still being shown with OS End of Life = Yes ? Regards, aj
Hi all, we are receiving alerts for the below script but when we close it it does not create a rule. C:\WINDOWS\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -Command "[Console]::OutputEncoding = [System.Text.Encoding]::UTF8;" " Get-LocalUser | ForEach-Object { $userName = $_.Name $output = net…
All vulnerability network scans are stuck in a Queued state and do not start, although Discovery scans are running successfully. Network scans remain permanently queued with no progress. Has anyone encountered this before or have suggestions on where to begin troubleshooting? Steps already taken: Confirmed that all scan…
Speak with a product expert. Check our phone numbers and service hours.
Submit a request for product support
Log in to the Partner Portal for partner support.
Join other cyber security experts & get inspired
This month's community leaders
