Elements Vulnerability Management: changes to features

We are preparing the End of Life (EOL) of WithSecure Elements Vulnerability Management (EVM), where EVM is replaced with the more comprehensive and intelligent solution - WithSecure Elements Exposure Management (XM).

XM includes and is not limited to

From reactive and asset centric, to proactive and estate-wide security.
Gain visibility on what attackers would be able to do in your estate.
Easier and more efficient prioritization of work.
AI assistance for remediating and documenting your exposure.
Expand your visibility beyond devices. E.g. EntraID, Azure and AWS.

As part of our efforts to provide a unified user experience across Elements, we are improving our user interface related to Elements Vulnerability Management. This operation also means decommissioning a few Vulnerability Management features that were either inconsistent or not widely adopted nowadays

We are now highlighting these changes that will impact EVM, and also when you continue using similar features in the XM product.

EVM assets management

Vulnerability assets list page will be discontinued by the end of December 2025. From now on, EVM assets can be accessed using Devices > Computers and Devices > Unmanaged pages as communicated earlier and by selecting “Vulnerability management” from the View drop down .
API for EVM assets management will become read-only for all properties that can be managed using Devices pages. This includes fields like alias, importance and note/business context.
Although EVM API for assets will still work in read-only mode, we encourage to migrate any integrations to use the Elements API.
Environment / Devices / Device Discovery will be decommissioned as the functionality is already available in the Computers view

EVM user management

The old user interface for managing EVM users, groups and roles will be discontinued by the end of December 2025 and Elements-wide “Security groups” feature will fully replace it in early 2026.
EVM User management API is expected to be decommissioned
Access management can be carried out using the Elements-wide Organization settings > Security administrator page.

EVM Dashboard

The most used widgets are available at Reports / My Report (Circle and Gauge widgets are not going to be back ported due to miniscule usage)
Existing EVM Dashboard page will be discontinued by the end of December 2025.
All custom VM dashboards need to be re-created by the customer. Should you need any assistance, please log a support case with us.

EVM Summary reports

All EVM Summary reports are available on Reports / Email notifications and reports page. New reports can also be configured there, and the old page will be discontinued by the end of December 2025.
There will be no changes to reports-related part of EVM API.
Although there is no decommission regarding EVM summary reports, they are considered legacy and we plan to extend only XM reporting capabilities.

EVM Vulnerabilities

Exposure > Findings and Exposure Findings definitions pages are addressing the same needs as Vulnerabilities and Vulnerability coverage pages do in EVM, but the new views contain more data and of higher quality. Hence, Vulnerabilities and Vulnerability coverage pages became redundant and will be disabled soon.
There will be no changes to vulnerabilities-related part of EVM API.
Recommendation is to switch to Findings and Findings definitions views under Environment mega menu in Elements as a substitute for Vulnerabilities and Vulnerability coverage views

EVM Internet Discovery

EVM Internet discovery page has undergone a visual update, but with no changes from the usability perspective.
External assets page has become a default landing page for Environment -> Network menu, whereas the Internet discovery has become a secondary tab.

EVM Ticketing

The feature is in sunsetting phase already now, meaning that it’s only available for customers and partners who have already used it in the past.
The user interface will be disabled by the end of December 2025.
EVM ticketing API will be maintained as operational to keep the existing integrations operational as well. Meanwhile we recommend using the Elements level API for the same outcome.

Security configurations / Scans / Network scans

All scans-related pages are undergoing a visual update.
Compliance (PCI) column will be removed from Network scans page by the end of December 2025. The related functionality will continue to be supported.

Management / Vulnerability Settings

The page will undergo a visual update. “General settings” and “Security settings” tabs will get merged into a single view, as part of the simplification.
The following settings will get decommissioned from user interface:
- Contact details, as they are not in use.
- Subscriptions, which are also available in Management > Subscriptions
- “Customization settings”, which are also available in “MANAGEMENT > Organization Settings > Customization” with following caveats:
  - Existing VM settings will not be migrated. However, they have always only applied to VM scope and have never affected other parts of Elements.
  - VM reports are currently using VM settings, but will start using Elements customization settings by the end of January 2026 (RADAR-32889)
  - This will no longer be supported on company-level, but only for partners.
- Vulnerability statuses and workflow, as they are on their way to be superseded by XM statuses
- Assets archiving, as this will no longer be controlled by EVM. Automated assets clean-up will be performed with “Automated deletion” feature on Devices page.
- Restrict login based on IP address will not be available any longer as we are aligning authentication & authorization throughout the Elements.
- Force two-factor authentication, as this is already forced on Elements level.
EVM API keys definition should be done via Vulnerability settings page, as they will cease to show on Elements user profile page.