Recent Discussions

Maximize your product experience with expert support, feedback sharing, and access to our troubleshooting knowledge base for effective solutions.

Upcoming Retirement of the Environments -> Devices → Vulnerability assets page in Elements
We would like to inform you that the Environments -> Devices → Vulnerability assets page in Elements will be gradually retired by the end of 2025. Read the full article here: https://community.withsecure.com/en/kb/articles/32679-upcoming-retirement-of-the-environments-devices-vulnerability-assets-page-in-elements
[Insight] How to Build a Threat-Informed Defense Strategy
A threat-informed defense means aligning your security controls with real-world attacker behavior — not just compliance checklists. Step 1: Know Your Adversaries Use threat intelligence to understand the tactics, techniques, and procedures (TTPs) most relevant to your industry. 🛠 Check out WithSecure’s Threat Intelligence…
[Insight] 3 Signs Your Security Tools Are Working Against You
Sometimes, the very tools meant to protect your environment can introduce risk — especially when misconfigured or misunderstood. 1. You’re Getting Too Many Alerts High alert volume = alert fatigue = missed real threats. 🛠 WithSecure’s Broad Context Detection helps reduce noise and prioritize what matters. 2. You’re Not…
[Insight] Did You Know? You Can Submit Custom IoCs in WithSecure Elements
You’re not limited to default detections — WithSecure Elements lets you define your own Indicators of Compromise. Why It Matters: Tailor detection to your environment Catch threats specific to your industry or region Respond faster to emerging campaigns 🛠 Learn how to submit custom IoCs in WithSecure Elements. 📌 Your…
The admin panel at elements.withsecure.com is currently inaccessible.
組織が見つかりません。組織リストの取得中にエラーが発生しました。後でもう一度試してください。と表示されて管理画面が利用できなくなっており、非常に困っております。解消方法をご存じでしたらお教えください。 From @LiselotteP in English: Organization not found. An error occurred while retrieving the organization list. Please try again later." This message is being displayed, and the admin panel has become inaccessible, which…
[Insight] How to Spot Early Signs of a Breach — Before It Escalates
Early detection is key to minimizing damage. Here are subtle signs to watch for: 1. Unusual Login Patterns Logins at odd hours or from unexpected locations can signal compromise. 🛠 WithSecure Elements EDR tracks user behavior anomalies — see how. 2. Sudden Privilege Escalation Accounts gaining admin rights without a clear…
[Insight] 3 Questions to Ask When Reviewing Your Cybersecurity Stack
Your cybersecurity stack might be full of tools — but are they working together effectively? Ask yourself: 1. Are My Tools Integrated or Isolated? Disconnected tools create blind spots. 🛠 WithSecure Elements offers unified visibility across endpoints, cloud, and email — learn more. 2. Do I Have Overlapping Capabilities?…
[Insight] How to Identify Living-off-the-Land (LotL) Attacks — Without a Sandbox
LotL attacks use legitimate tools already in your environment, making them hard to detect with traditional methods. What to Look For: PowerShell or WMI used by non-admin users Scripts running from temp folders Scheduled tasks created without IT approval 🛠 WithSecure Elements EDR detects suspicious behavior even when no…
New Feature: Identity Inventory
Identity Inventory is a new capability in WithSecure™ Elements that provides a unified place for administrators to configure and manage Entra ID tenants. It simplifies Tenant management by centralizing visibility and control within the Elements Security Center. Read the full article here:…
[Insight] Did You Know? Most Breaches Start with Misconfigured Tools
It’s not always zero-days or sophisticated malware — often, it’s a misconfigured setting that opens the door. Common Misconfigurations: Overly permissive firewall rules Disabled or outdated endpoint protection Unrestricted PowerShell access 🛠 WithSecure Elements helps you audit and enforce secure configurations — see how.…
[Insight] 3 Ways to Detect Lateral Movement Without Full Network Visibility
Even without full network telemetry, you can still catch lateral movement with the right endpoint insights: 1. Monitor for Unusual Remote Access Tools Look for tools like PsExec, RDP, or SMB being used in unexpected ways or by non-admin users. 🛠 WithSecure Elements EDR can flag suspicious use of legitimate tools — learn…
[Insight] How to Identify Misconfigured Security Tools — Before They Fail You
Misconfigurations are one of the most common causes of security incidents. Here’s how to spot them early: 1. Audit Your Policies Regularly Are your endpoint protection profiles aligned with your current threat model? 🛠 Use the WithSecure Elements Policy Manager to review and adjust. 2. Check for Alert Fatigue Too many…
Blocked google search results open automatically
When using Chrome browser to search on Google, blocked websites (such as social media sites) will open automatically. On rare occasions one needs to hover over the search result to reproduce the automatic redirecting. This only happens on devices with the WithSecure browser extension enabled. Windows 10 and 11 devices are…
Upcoming Retirement of the Management → Organization Settings → Vulnerability users page in Elements
We would like to inform you that the Management → Organization Settings → Vulnerability users page in Elements will be retired by the end of 2025. Read the full article here: https://community.withsecure.com/en/kb/articles/32543-upcoming-retirement-of-the-management-organization-settings-vulnerability-users-page-in-elements
[Insight] EDR vs MDR vs XDR — What’s the Difference and Which Do You Need?
Cybersecurity acronyms can be confusing. Here’s a breakdown of three key detection and response solutions: EDR (Endpoint Detection & Response) Focuses on endpoint visibility Detects and investigates threats on individual devices Ideal for teams with in-house security expertise 🛠 Explore WithSecure Elements EDR for advanced…
System maintenance: Elements login - October 8th 2025
We will be performing system maintenance on October 8th 2025, to make important changes to the Access Control System used by WithSecure Elements. This maintenance is planned to start at 18.00 UTC, and is expected to last for a period of 15 minutes. Read the full article here:…
[Insight] How to Convince Your Management to Invest in Cybersecurity
Getting buy-in from leadership can be tough. Here are three strategies that work: 1. Speak Their Language Frame cybersecurity in terms of business risk, not technical jargon. 🛠 Use metrics like potential downtime, data loss, and regulatory fines. 2. Show Real-World Examples Use case studies or recent breaches to illustrate…
[Insight] 3 Signs You May Need MDR (Managed Detection & Response)
Not every organization needs MDR — but many benefit from it more than they realize. Here are three signs it might be time: 1. Your Team Is Overwhelmed by Alerts If alerts are piling up and investigations are delayed, MDR can help triage and respond faster. 2. You Lack 24/7 Coverage Threats don’t wait for office hours. MDR…
Show all Software Updater installation attempts in Installation Logs
It would be massively helpful to see all installation events including failed attempts in the "Installation Logs". That way one could easily determine the causes of failed attempts instead of relying on screenshots of the logs.
Show Reboot status and system uptime
The Device View > Show History > Reboot needed shows only the date and time when the reboot needed flag was set. However after restarting the system it´s not obvious that this status is gone. There is the "Reboot needed" status in the device overview, but that status seemed to not update properly with the true system…
Patch Management | Additional Filter Field - Assigned Profiles
Hi team, I would like to ask if it is possible to add a new filter field under Patch Management? Specifically, the "Assigned Profiles" field. We group our endpoints using the assigned profiles we created. It would be helpful if this filter is included, so we could specify what groups to export. The alternate option we now…
[Insight] Demystifying Dwell Time — Why It Matters More Than You Think
Dwell time is the period between when an attacker enters your environment and when they’re detected. The longer they stay, the more damage they can do. ⚠️ Why It’s a Problem Average dwell time is over 220 days in some cases. Attackers use this time to move laterally, exfiltrate data, and establish persistence. 🛡️ How to…
[Insight] How to Spot Gaps in Your Endpoint Protection Strategy
Even with endpoint protection in place, gaps can emerge — often silently. Here’s how to identify and close them: 1. Check for Misconfigured Policies Are your profiles enforcing the right rules? 🛠 Use the Elements Endpoint Protection guide to review and adjust your configurations. 2. Review Detection Coverage Are you…
Add "veeam" client products to patch management
Please add the following client installed products to the patch management of EPP: Veeam Agent for Microsoft Windows Veeam Agent for MacOS
Browsing Protection - Adding New Allowed/Denied Sites
Can we move new entries for allowing/denying sites up top near the Add Sites button? It is a hassle if there is already a long list of sites and we have to scroll down every time we add individual sites.
Changing layout of the Browsing Protection reminder
I would like for the WithSecure team to change the way users are reminded to activate their browser security extensions. I believe the current process is too confusing for the average user to actually do it. This would lead to many tickets to IT, asking to stop the reminders… Picture this: When activating the "Remind user…
Intune MDM
How to Allow System Extension, Driver Extension & Network Extension using MDM profile?Is there any workaround to auto-approve the Network Extension without user interaction on macOS? I'm currently using Intune as my Device Management Solution. I have done creating the policy for extension for another permissions,
Notify if the copy of Windows is activated.
Notify if the copy of Windows is activated. Between connection errors to Microsoft servers, forgotten product activations, and the addition of resources awaiting funding, it would be useful to have this display to ensure that the server farm is compliant since ELEMENTS.
[Insight] 3 Questions to Ask When Assessing Your Incident Readiness
Incident readiness isn’t just about having tools — it’s about knowing how to use them when it counts. Start with these three questions: 1. Do You Know What “Normal” Looks Like? If you don’t know your baseline, you won’t spot anomalies. 🛠 Use WithSecure Elements to establish behavioral baselines. 2. Can You Contain an…
Desktop Remote Location Locking
Hi everybody, I’d like to remotely lock a colleague’s computer, which is likely lost. Initially, I want to lock it to give us a chance to recover it, and then proceed with a remote wipe if we can’t locate it. Does WithSecure offer these features, and if so, how can I implement them? Thanks very much. Yoh from France

Recent Discussions

Categories

Popular Tags

Recent Discussions

Discussion List

Categories

Popular Tags