-
Sort by Vulnerability
Under "Security Configurations→Scans→Network Scans", when you expand a scan and try to sort by vulnerabiliy, it actually sorts by target, not vulnerability count. Is that a common bug, or just personal?
-
Elements EPP (Windows) Software Updater fails to install 7-Zip updates with WA_VMOD_ERROR_CANNOT_VERIFY
Hello, We are using WithSecure Elements Endpoint Protection (Windows) with Software Updater enabled on a large Windows workstation fleet. Updates for most third-party applications install correctly, but 7-Zip consistently fails to update. Issue Application: 7-Zip (vendor: Igor Pavlov) Result: Update installation fails…
-
Azure Subscription onboarding with CLAM
As part of our ongoing effort to simplify cloud onboarding and provide a unified experience across our Elements platform, we are introducing an update to how Azure Subscriptions are onboarded for exposure scanning. The change is expected to be released by the end of February. Read the full article:…
-
error sobre servidor / server error
Hola, buen día. Estoy presentando inconvenientes al descargar algunos parches de seguridad. El sistema muestra el mensaje: “Servicio no disponible: el servidor está temporalmente sobrecargado o en mantenimiento (HTTP 503)”. Según el status global, el incidente ya fue solventado, pero el error me sigue apareciendo. ¿Alguien…
-
Troubles updating vlc to version 3.0.23
Is anyone else seeing that the software updater of WithSecure Elements Agent 25.5 is unable to install the latest VLC update (3.0.23) on Windows 10/11 hosts? The status in endpoint client it shows: Installation failed WA_VMOD_ERROR_CANNOT_VERIFY I guess that it's a similar situation to this discussion that's related to…
-
New Research from WithSecure™ Labs – Explore Our Latest Publications
If you’re curious about the latest trends in cybersecurity research, threat intelligence, and cutting‑edge defensive techniques, now’s a great time to check out what our colleagues at WithSecure™ Labs have been working on. Our Labs team regularly publishes in‑depth technical analyses, threat reports, and research projects…
-
ATLANT
I need subscription to use Atlan product. How can I get that? I am new here. I would be really glad if you help me
-
Minor Maintenance break: Elements Collaboration Protection - 3 February 2026
We will be performing a small maintenance operation on WithSecure Elements Collaboration Protection on February 3rd, 2026 at 12.00 PM (UTC). This operation is expected to take a maximum of 5 minutes. Read the full article here:…
-
New Feature: Notification Hub
We are introducing a new, centralized Notification Hub to replace most of the current banner-based announcements in Elements. Read the full article here: https://community.withsecure.com/announcements-en/kb/articles/32813-new-feature-notification-hub
-
Improved Usability: One place to configure Proxy and Connector communication settings
To ease the communication settings configuration, including http proxy servers and WithSecure Connectors management, we are about to release an updated Profile Editor for Windows endpoints. Read the full article here:…
-
Adding an installer
Hello. Would it be possible to add a Linux installer for computers to the installation agent download?
-
API charset encoding
When I retrieve the list of devices, the character encoding is incorrect. The character "é" becomes "é" I tried adding "charset=utf-8" and other encodings in the header but it does not work. $Header2 = @{ 'Content-Type' = 'application/json; charset=utf-8' "Authorization" = "Bearer $sToken" } ((Invoke-WebRequest -Headers…
-
Y2k-style bug, one year later
It's January and time to celebrate another year with the same bug small ghraph bug (see attached picture). This makes me worry about EPOCH since some people don't even bother to check which year it is.
-
WithSecure process consumes an enormous amount of RAM
Hello everyone, One of our employees has been experiencing a problem for a week now: according to Task Manager, this process is consuming an extremely large amount of RAM. Even restarting the computer or manually terminating the process has not helped. It keeps coming back. What can I do? Many thanks in advance! Best…
-
Windows 10 "ESU" devices ?
How to identify Windows 10 devices which have ESU activated ? Should such devices still being shown with OS End of Life = Yes ? Regards, aj
-
How do I expand a license??
The new partner portal for WithSecure Elements is proving VERY difficult for me to navigate. The previous portal was quite easy for me. For example, I have a customer with 10 workstations using EPP for Computers. I build them 2 more workstations, and want to EXPAND their license as to protect those also. Making the total…
-
unable to create suppression rule
Hi all, we are receiving alerts for the below script but when we close it it does not create a rule. C:\WINDOWS\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -NonInteractive -Command "[Console]::OutputEncoding = [System.Text.Encoding]::UTF8;" " Get-LocalUser | ForEach-Object { $userName = $_.Name $output = net…
-
Thank you for another year in the WithSecure Community!
2025 was an incredible year for the WithSecure Community - thanks to you! Check out our end of year video here: Big news: 🏆 Our Community has been nominated for two industry awards! Don't forget to vote! Behind the scenes: Want to know what goes on behind the scenes at WithSecure Community? Here's some light reading:…
-
React4Shell CVE EDR Detection
Customers are asking about whether EDR can detect exploitation of CVE-2025-55182 and CVE-2025-66478 What would be the chain of execution and associated score in case of compromission ?
-
WithSecure Decoys
Hi WithSecure, one best method to detect any malicious actor in one network is the capacity to deploy decoy hosts and servers, and monitor for unauthorized access. After detect unauthorized access the EDR can be execute automatic playbook.
-
Risky Connection Detection
Hi WithSecure, identify active communications as malicious sites to protect against malware distribution, phishing, and known C2C based communication should be a best method to detect and anticipate intrusions or attacks (example deploy ransonware).
-
Product changelog links
Exposure Management Exposure Management (including XM for Business and XM Frontline Add-on) Changelog Exposure Management for Cloud Changelog Vulnerability Management Portal Changelog Vulnerability Management System Scan Changelog Vulnerability Management Scan Node Agent Changelog Vulnerability Management Discovery Scan…
-
Add software to patch management
Is it possible to suggest software for inclusion in the patch management system? In our case, we use NetExtender (already part of patch management system) and the Banyan desktop Client from SonicWall (not part of patch management system). Sonicwall CSE - Download App Sorry if i missed any official way to do it. Regards…
-
Automatically update specific programs only with toggle "Force close running applications" ON ?
Dear all, is there a way to automatically force update specific apps only (not the manual way) ? There are known programs (e.g. Microsofts Powertoys, OneDrive…) which are running in the background and needs to be closed first. Users usually simply cancel the update which then requires additional manual effort to keep these…
-
WithSecure Commercial API specification is now available
As we move forwards in our digital transformation journey, we are today announcing the specification of our new Commercial API for Partners. You can find the API Reference Guide here. The new API will be available Staging access in Mid December, Production use in Mid January 2026. New commercial API will replace the…
-
Critical workstation firewall profile and allow url/domain
Hi, We have customer who has critical sensitive user data in use, and they need firewall rules that block all outbound and inbound traffic except allowed. We can achieve this using "critical workstation" firewall profile and then allow needed ip-addresses. However, one program (autodesk autocad) needs constant connection…
-
Unsafe URL Detection
Hi, I lately have some Unsafe URL Detections within the collaboration Protection detections. In our policy we have 2 settings under exchange : Malicious url and Suspicous url. Both Are on Quarantaine. What is best practice here? How can we see if the Detection is with the Malicious or Suspicious setting? Because in the…
-
Remote Shell to custom actions
Hello WithSecure All EDR security products have the Remote Shell action to respond to incidents, why WithSecure don't include this basic option? In commercial line most proposal is ignored because our WithSecure EDR can't have the most used response actions.
-
How to Allow System Extension, Driver Extension & Network Extension using MDM profile?
Hello Is there any workaround to auto-approve the System Extension, Driver Extension & Network Extension without user interaction on macOS? I'm currently using JumpCloud as my Device Management Solution. I have done creating the policy for extension, however it appears that require to allow manually and what I need to fill…
-
HTTPS File Download Blocking in Elements Browsing Protection
Hi Team, I would like to request a feature: Currently, Elements Browsing Protection's content filtering for file types (e.g., blocking ".exe" downloads) only works over HTTP. This feature request is to extend Elements Browsing Protection to inspect and block file downloads over HTTPS, with the ability to create granular…