-
WithSecure Ideas Platform Migration
We would like to inform you that the tool we use for collecting WithSecure ideas is migrating to the WithSecure Community on 15 October. During the migration, ideas.withsecure.com will be unavailable from 14 October through 16 October. After the migration, you can continue accessing it at the same…
-
XM newsletter Oct-08
Today we released Exposure management with new improvements: AttackPath visualizer tool updated with UX improvements. New Recommendation score calculation is in place: Recommendations are now generated for only highly-enough risked assets. This may lead into less Recommendations provided compared to what had been…
-
Which KB needed for Withsecure Elements EPP on Windows 10 v1909?
Hello everyone. I have an environment composed of several workstations with Windows 10 Pro v1909 and for compatibility reasons with an application developed internally can not be updated at the moment. When installing Withsecure on these stations i see from cloud manager that they appear unprotected, a warning that says…
-
Constant notifications regarding Malware
One of our servers is constantly flagging Malware, and we're not sure if the transactions are processing before the files are being quarantined and removed. Time|Account|Host|Infection|Action|Type|Infected Object|Infected Object SHA1 Sat, 5 October 2024 18:56:49 UTC|Talenom…
-
Devices are not visible on Pending List
Hi everybody, Some Windows 10 PC, after push installation of withsecure (16.00 client version for business suite), are not showed on PM Pending. I try to uninstall withsecure with a remove-tool and install again offline method with success, but are still showed on Unmanaged devices. All of devices are on AD Domain and have…
-
Quarantined tar file
Why are quarantined tar files being detected as malware during scans? This issue has been occurring with multiple files since yesterday. The file is located at the following path. Trojan-Downloader:W97M/Dridex.X|None|On_demand_scanner.file_infection.nothing|C:\ProgramData\F-Secure\Quarantine\Repository\TAR\00000001.tar[1]…
-
API - Insufficient scope. The request requires higher privileges than provided by the access token.
Hi I'm trying to make an integration with our PSA to create tickets and have a bi-directional sync with the Elements API. I've come to a point where I want to add a comment to an Incident using the incidents/v1/comments endpoint but I'm getting a 403 error with the message Insufficient Scope. My API key I'm using has "Full…
-
WithSecure license expiration grace period?
Is there a grace period after a WithSecure EPP license expires, or does it simply just stop working?
-
XDR: New Feature for Reopening Closed BCDs
We are pleased to introduce a feature that allows Partners and Customers to reopen closed BCDs within 30 days, regardless of the resolution code. This ensures any critical questions can be addressed post-closure. Read the full article here:
-
DeepGuard is blocking ANSIBLE for updates
Hello everyone, I have a problem where DeepGuard is preventing my updates from taking place, these updates are automated thanks to Ansible and therefore an Ansible user is in admin on my server to be able to deploy Windows updates on it. I need to deactivate DeepGuard from 3 to 4 a.m. because that's when the update is done…
-
Why is my Server Manager Console not registering ?
Hello everyone, I have a Policy Manager Console under Windows Server 2016 and my product cannot be registered because the website that you can see in the screenshot displays a 404 HTTP error. The trafic is not blocked by Windows firewall nor our firewalls, I can see the trafic being authorised and going out in the logs.…
-
WithSecure Linux Security 5.0.10 not installing
Hello everyone, I have an Ubuntu 22.04 machine that is not connected to the Internet. But this machine is connected to a Windows Server which have acess to the Internet. I have successfully installed the wsls-5.0.10-exported.zip package but I can't activate the product. I am trying this command " sudo…
-
BUG / Elements / Automated Actions for deletion
Hi, We have been creating some suppression rules for BCD, and it look like the Web interface has a bug. Browser is EDGE/FIREFOX, language is FRENCH, tried ENGLISH also, same problem. When looking at the suppression rules we see 10 lines by default, but the pager indicates "0 - 0 of 0 / 1 of 1". If we set the filter to 50,…
-
dl.delivery.mp.microsoft.com cache site marked as harmfull
Microsoft seems to have outsourced their updates distribution and this gets blocked. How do I allow this traffic as it's a IP address that's changing? WithSecure Elements Endpoint Protection har nya identifieringar: Tid|Konto|Värd|Infektion|Åtgärd|Typ|Infekterat objekt|Infekterat objekt SHA1 fre, 10 maj 2024 19:58:48…
-
Device Control not blocking exe files ?
Good day, I am trying out the device control feature and have disallowed launching exe files from USB sticks (rest of settings remain unchanged so far). Profile with respective settings is assigned to the device and profile assignment state is up-to-date. Still able to launch exe files from the USB stick. The stick was…
-
Accessibility Issue: Unable to Access Target from "Security Events" Tab
Bonjour, Quand je suis dans l'onglet "Événements de sécurité" et que je clique sur la cible pour pouvoir l'ouvrir, je n'arrive pas à accéder à la cible. J'arrive à accéder aux paramètres de la cible depuis l'onglet "Appareils". Est-ce normal ou s'agit-il d'un problème de l'interface ?
-
Feature Request / Profiles in API
Hi, Has an IT partner, we manage a lot of companies, and configuration profile management has been delegated to IT Technicians in charge of these companies. We were looking for a tool allowing us to compare all configuration profiles from all these companies to a specific main profile. It looks like the API does not…
-
EPP Summary Report
Good Day I had previously raised this issue and still await feedback to resolve this issue. I require the following report for distribution as part of the Monthly Report Pack sent to clients. How do draw the report ?
-
how to unblock chatgpt
At our company we use the web content control to block the chat category. However now we want to make an exception for chatgpt. I tried adding "chatgpt.com" to our list of allowed sites but this does not seem to work. Is there a way to make an exception for chatgpt instead of opening up the whole chat category for our…
-
API not working
Helou! I have created a .PS1 script that removes a workstation from WithSecure. However, my script is not working. Could someone tell me what is wrong with my code? I am getting an “Authentication Failed” error. What is the purpose of the Client ID and Secret? Should they be used here as well? # Vastuuhenkilö Julle…
-
Capteur EDR
Bonjour à toutes et tous ! Je rencontre un problème avec le capteur EDR suite à des mises à jour de Windows 11. J'ai le message suivant : " L'état du capteur est temporairement indisponible " J'ai désinstallé et réinstalle l'agent WithSecure mais le problème reste le même. Avez-vous déjà rencontré ce problème ? Merci
-
Seeking Feedback on Replacement for Old EPP Summary Report
We wanted to reach out to you regarding an important update regarding our reporting system. After careful consideration, we have decided to retire the old EPP summary report, recognizing its declining usage and limited information. In its place, we aim to introduce a new, customizable report providing a comprehensive…
-
Can do something to withsecure agent currently works on windows 7 computers
I understand that Windows 7 is no longer support, but even without updates the agent should work and be able to stay active with the virus database… like a basic protection? I have several computers with Windows 7 professional that i can't renew, since the minimum patch level of 29.2.2024 update that mandates ACS was…
-
About the reports in Withsecure
Good day, I have a question about the reports. It seems that some layout looks off. When i wanna change it too Pie it then looks a bit better. In the screenshot like this one below. Looks off with its bar. Is this something that will be fixed in the future? Kind regards, Roy
-
Upcoming major Capricorn update for Endpoint Protection
We plan to release a major Capricorn database update on September 24th, 2024. This will be delivered to Elements Endpoint Protection installations on Windows, Mac and Linux automatically. Read the full article here:
-
Change product key macOS terminal
Hi, We've installed WithSecure™ Elements Agent for Computers on multiple iMac computers, but because of an error in the activating of new license, we didn't have the opportunity to add the license key. Is there a possibility to apply the license throught MacOS Terminal? We can access the terminal of the iMac with Remote…
-
Elements Connector folder location
Is it at all possible to move the default connector "cache" folders for software updates to a different drive? I have tried looking for config files or registry entries relating to this but found none. I would like the connector "cache" folders to reside on the D:.
-
WithSecure vulnerability scan results csv export
If memory serves me correctly. There was a feature from the Elements console that allowed one to export a csv/xls file that listed all network scanned devices (Vulnerability assets), their accessable services and vulnerabilities. I just can't seem to get that option any ware. Anyone want to enlighten me? Regards, Ernest
-
Attack Surface reduction rules
Hi, We use withsecure as our primary AV and MDE as secondary AV, and was wondering if it is possible to configure MDE recommended ASR rules using withsecure. Examples of these rules include: Block JavaScript or VBScript from launching downloaded executable content Block Adobe Reader from creating child processes Block all…
-
Upgrade PM from 15.30 to 16.02
Hello everybody, Is there any administrative guide could help me to upgrade the PM suite ? In the previous upgrade I did not uninstall old version, but there was the same path. Someone help me please ? Thanks