-
Endpoint Security Portal (formerly Endpoint Protection Portal) Changelog
This changelog provides updates for the WithSecure™ Elements Endpoint Security Portal (formerly Endpoint Protection Portal), the central interface for managing endpoint protection across your organization. It includes the latest enhancements, usability improvements, and fixes related to the portal’s functionality, user…
-
Endpoint Security (formerly Endpoint Detection and Response) Changelog
This changelog provides updates for WithSecure™ Elements Endpoint Security, previously known as Endpoint Detection and Response (EDR). It includes the latest improvements, feature enhancements, and fixes related to endpoint protection, detection, and response capabilities. These updates help organizations strengthen their…
-
Vulnerability Management Web Scan Changelog
This changelog provides updates for the Web Scan component of WithSecure™ Elements Vulnerability Management. It includes the latest improvements, fixes, and new features related to scanning and assessing the security of web applications and services, helping organizations identify vulnerabilities in their online assets.…
-
Vulnerability Management Discovery Scan Changelog
This changelog highlights updates for the Discovery Scan component of WithSecure™ Elements Vulnerability Management. It includes the latest improvements, fixes, and feature enhancements related to asset discovery and network visibility, helping organizations identify unmanaged or unknown devices in their environments. For…
-
Vulnerability Management Scan Node Agent Changelog
This changelog provides updates for the Scan Node Agent component of WithSecure™ Elements Vulnerability Management. It includes the latest enhancements, fixes, and performance improvements related to the scan node agent, which is responsible for executing vulnerability scans within customer environments. For updates on…
-
Vulnerability Management System Scan Changelog
This changelog focuses on updates related to the System Scan component of WithSecure™ Elements Vulnerability Management. It includes the latest changes, improvements, and fixes affecting how system scans are performed, managed, and reported within the solution. For updates related to the portal interface or other…
-
Vulnerability Management Portal Changelog
This changelog provides updates specifically for the portal interface of WithSecure™ Elements Vulnerability Management. It includes the latest improvements, feature enhancements, and fixes related to the user experience, dashboard functionality, and overall usability of the portal. For updates related to other components…
-
Exposure Management for Cloud Changelog
This changelog is dedicated exclusively to updates for the Cloud component of WithSecure™ Elements Exposure Management. It includes the latest improvements, fixes, and new features specific to the cloud-based capabilities of the solution. Note: For updates related to Exposure Management for Business and the Frontline…
-
Exposure Management (including XM for Business and XM Frontline Add-on) Changelog
This is the primary changelog for WithSecure™ Elements Exposure Management, covering all updates related to: Exposure Management for Business Exposure Management Frontline Add-on It provides the latest enhancements, fixes, and feature updates for these components of the Exposure Management solution. Note: This changelog…
-
📢 Changelogs Have Moved!
Find all changelogs in one place The latest changelogs are now available in our new dedicated section:👉 Product Changelogs We’ve migrated the past 6 months of changelog content to this new setup for your convenience. Starting today, changelogs will be available in 6 languages (machine-translated): English, Japanese,…
-
Improve 'Analysis'-tab; Formatting/Markdown support
Hi, As of now, the 'Analysis'-tab for BCD alerts is quite lack-luster. The idea behind the existing functionality is quite good actually, but not when it comes to using and reading it, it could be a lot better and more human friendly. It's just a long text line. It's not even a text box, since everything gets truncated…
-
Flexible Restart Deferral Options After Application Updates
We are using WithSecure, and after updates of certain third-party applications, our clients frequently receive a system prompt indicating that a restart is required (see attached example). Currently, users can only choose between restarting immediately or postponing the restart without specifying a timeframe. This often…
-
[Insight] How to Spot Gaps in Your Incident Response Plan
Even mature organizations miss key elements in their response strategy. Here’s how to identify and fix them: 1. No Clear Escalation Path Who gets called first? Who makes decisions? 🛠 Use WithSecure’s Incident Readiness Framework to build a clear escalation tree. 2. Lack of Containment Procedures Can you isolate a device or…
-
[Insight] 3 Questions to Ask Before Enabling Automated Actions in WithSecure Elements
Automated Actions can supercharge your response time — but only if configured wisely. Ask yourself: 1. Do I Trust the Detection Source? Automating based on low-confidence detections can lead to false positives. 🛠 Use Broad Context Detection to ensure high-quality triggers. 2. Is My Response Proportionate? Isolating a…
-
Vulnerability network scans stuck in queued
All vulnerability network scans are stuck in a Queued state and do not start, although Discovery scans are running successfully. Network scans remain permanently queued with no progress. Has anyone encountered this before or have suggestions on where to begin troubleshooting? Steps already taken: Confirmed that all scan…
-
[Insight] Why RDP May Fail When Application Control Is Active
If Remote Desktop Protocol (RDP) stops working on Windows Server 2022, the culprit might be Application Control. What’s Happening? Application Control rules may block RDP-related processes or services, especially if set too restrictively. What You Can Do: Review your Application Control rules Add exclusions for RDP-related…
-
System Maintenance: XDR-related updates - 24th November 2025
We will be performing some system maintenance on our WithSecure Elements backend systems on 24th November 2025, at 8.00 UTC. Read the full article here: https://community.withsecure.com/en/kb/articles/32707-system-maintenance-xdr-related-updates-24th-november-2025
-
Exciting New Release: Identity Inventory for XDR!
We are happy to announce a new capability for WithSecure™ Elements: Identity Inventory. This functionality will benefit customers of both WithSecure Elements Identity Security for Entra ID, and WithSecure Elements XDR Cloud Security for Azure Read the full article here:…
-
[Insight] Troubleshooting Performance Issues with WithSecure Endpoint Products
Experiencing slow systems or high CPU usage after installing WithSecure endpoint protection? You’re not alone — and there are solutions. 🔍 Common Causes: Misconfigured Application Control Active Web Traffic Scanning Ongoing Scheduled Scans Connectivity issues to Security Cloud 🛠 Use the built-in WithSecure Connectivity…
-
Grafana Infinity plugin – 500 error when querying BCD data from WithSecure API
Hi everyone, I’m trying to pull BCD metrics into Grafana, but my query always returns a 500 error, no matter what parameters I use. For other modules — like Collaboration Protection and EPP — everything works fine, but data retrieval specifically for BCD doesn’t work at all. I’ve already tried specifying my organizationId,…
-
[Insight] Did You Know? WithSecure Elements Can Isolate Infected Devices Remotely
Containment is critical — and WithSecure makes it fast and easy. Why Remote Isolation Matters: Stops lateral movement instantly Buys time for investigation Minimizes business disruption 🛠 Learn how to isolate devices remotely using WithSecure Elements. 📌 Speed is everything in incident response — and remote isolation gives…
-
application control blocks adobe reader background tasks
Hi there, the application control logs following blocking action: Die Anwendungssteuerung hat die Installation einer Anwendung verhindert. Regelname: Default block rule Regel-ID: 00000000000000000000000000000000 MSI: C:\WINDOWS\system32{AC76BA86-1031-1033-7760-BC15014EA700} Name des Unterzeichners: Übergeordneter Pfad:…
-
[Insight] 3 Ways to Detect Insider Threats Without Invading Privacy
Insider threats are tricky — but you can spot them without overstepping boundaries. 1. Monitor for Unusual Access Patterns Accessing sensitive files outside normal hours or from unusual locations can be a red flag. 🛠 WithSecure Elements tracks user behavior anomalies — see how. 2. Watch for Data Movement Large file…
-
Notification on licnese pool
Hi! We have a M365 Intune procedure set up so that when a customer end user logs in to their new computer for the first time with their account, WithSecure is downloaded to the device automatically. Is there a way to get notified by email when the customers free license pool is about to run out / has run out, so we can be…
-
[Insight] How to Use WithSecure Elements to Prioritize Threats Effectively
Not all threats are equal — and chasing every alert can burn out your team. Here’s how to focus on what matters: 1. Use Risk-Based Prioritization WithSecure Elements ranks detections based on severity, context, and potential impact. 🛠 Learn more about Broad Context Detection and how it helps prioritize threats.…
-
Where should we open bug cases ?
Hello, There is a (very) minor bug (see details below) on WSLS64. Is there a specific place to submit bug cases ? ### Versions ### FSBG = 1.0.921 Linuxsecurity = 12.0.503 ### Bug ### While WSLS64 was installed as standalone agent, and configured as offline it still try to connect to a Policy Manager and generate error logs…
-
[Insight] Did You Know? You Can Simulate Attacks with WithSecure Labs
Testing your defenses is just as important as deploying them. WithSecure Labs offers tools to simulate real-world threats safely. Why Simulations Matter: Validate detection capabilities Train your team in real-world scenarios Identify blind spots before attackers do 🛠 Explore WithSecure Labs for red teaming, attack…
-
remove customers them from my customer list
I searched the community but couldn't find a solution. When a customer decides not to purchase WithSecure Elements after trying the product with a Trial License, how can I remove them from my customer list in Partner Portal (partnerportal.withsecure.com) and (elements.withsecure.com)? Thank you.
-
Cannot Load the Page when trying to access devices list or profiles
Hey all, I've been trying to access the backend to make some changes, and while the elements dashboard logs in ok, the Endpoint protection widget on the dashboard errors and then changes to "No devices", while the Detection and response widget lists the correct number of devices. When I try to go to the devices page it…
-
Policymanager schedule
We have a customer where we use Policymanager 16.10. There is a patch window on every third tuesday of the month between 10.00-12.00 AM. I can´t find how I can apply a schedule for automatic updates for this specific time. Its only specific days of the week. Can you help me?