-
WithSecure Policy Manager 16 AV with Active Directory Controllers
We got WithSecure Policy Manager 16. I'm Building new AV rules for our soon to be renewed Active Directory. Is WithSecure automatically compatible with MS's recommended folder and file bypasses for Active Directory Controllers? If not, I need help to create rules. Here are MS recommended bypass rules: File path…
-
Understanding "Scheduled or Locally/Remotely Triggered Scanning": Location and Settings Guide
This discussion was created from comments split from: Implementing Policies for Application Control and DataGuard Access.
-
Malware Detection and Removal with WithSecure EDR
Bonjour, Je voudrais savoir si les malwares qui sont détectés par l'EDR WithSecure sont également supprimés par celui-ci ou simplement détecté ? Voici une image : Merci d'avance de votre réponse,
-
Can not install Elements on a Win 10 computer.
Getting error something like - Windows Update has not the latest updates. But Windows is updated in full. Any ideas?
-
Implementing Policies for Application Control and DataGuard Access
Bonjour, J'ai du mal à mettre en place la politique pour interdire l'installation et le démarrage de certaines applications, ainsi que pour interdire l'accès à certains dossiers pour DataGuard. Actuellement, j'utilise la documentation suivante : WithSecure User Guides. Dans la documentation, je n'arrive pas à trouver la…
-
API for Policy Manager
Hi, i'm managing a private cloud solution for provisioning virtual machines and related services. This uses mostly API-Calls and Scripts to different infrastructure services (Virtualization, Networking, User Management, Backup etc.). We would like to include an API-Connection to Policy Manager 16 to automatically remove…
-
WAAPI_ERROR_INVALID_CREDENTIALS error on software deployment
Hi, I work in a High school in France. We have WithSecure EEP on servers and Workstation in Windows 10/11, in a Windows Active Directory Domain. We have many error in software deployment (not for microsoft updates) : WAAPI_ERROR_INVALID_CREDENTIALS Users do no have administrator rights on their workstation. What can we do…
-
"Critical importance" classification for device
Goodmorning , we have a premium EPP subscription and now we are testing EDR with a trial license Looking at Automated actions → Add rule it shows where I assign or remove "critical importance" for device? if this is an automatic classification where I can see how a device is classified for this rule? I read the…
-
How do I become certified with WithSecure Elements?
comment puis-je devenir certifié chez WithSecure Elements ?
-
Testing Forbidden Sites and Implementing WithSecure Elements
Bonjour, Je suis en train de tester les sites que j'ai interdits et j'ai noté que parfois j'ai la bonne page indiquant que le site a été interdit, et parfois il apparaît seulement blanc sans aucun signe de WithSecure. Voici les images : et Est-ce qu'il y a des vidéos expliquant comment mettre en place certaines…
-
Can't download update definitions with https
Hey, We use WS Business Suite (Security Prenium) and until my certificate expires, definition updates was working fine. I had updated fspms.jks with new one, can connect to my server with https protocol with firefox, and certificate chain is good. But updates doesnt work. I have temporaly switch in HTTP in order to make…
-
Elements EDR - New Feature - Accepted Behavior
With the introduction of Accepted Behavior, it is now possible to create suppression rules which can accept the behavior of a user or a process. This can significantly aid in silencing BCDs for expected behavior. Read the full article here:
-
Automatic actions
I am in the process of implementing automatic actions in the event of an infection. In the rule schedule field, there is no customization option, only the continue option. I would like to know on average of personalized planning my rule. Sincerely,
-
WithSecure uninstall script for macOS
Hi, I am looking for a WithSecure uninstall script for macOS that can be used by jamf as a roll back measure. Any suggestions would be appreciated. Regards, Ernest
-
Browsing protection plug-in
The following page is displayed when viewing the WithSecure browser plug-in. is there any form of documentation/statement that states that the information viewed by the plug-in (passwords, phone numbers, credits cards, etc.) is not stored in anyway? Regards, Ernest
-
Allow WithSecure for MAC components via jamf.
I've successfully deployed and activated the WithSecure client and its features on multiple Mac devices using Jamf. However, I'm encountering an issue with enabling the "filter network content" feature via Jamf. This feature restricts the ability to isolate the device when a command is sent from the Elements console unless…
-
Ubuntu 24.04 LTS
Does WithSecure EPP for Servers support Ubuntu 24.04 LTS?
-
📊POLL: What enhancement would make the biggest difference in customer response satisfaction?
We want your input! Our team is gearing up to refine our response strategies, and we need your insights to guide us. This poll focuses on identifying the key areas where improvements can have the most significant impact on customer satisfaction with our response services.
-
WithSecure Elements EPP support scan BitLocker-encrypted usb drives?
Hi, We activated 'Force Scan and show result to user' in 'Action when USB storage device is plugged' option 'Manual Scanning' section of profile, but when we plugged a USB encrypted with Bitlocker, we don't see any action of scan. Client Security Premium 15.30 introduce support for 'USB device scan BitLocker-encrypted…
-
Problem with Elements Connector registration
I need to install and configure a WithSecure Elements Connector to forward all security events to a SIEM server. I have installed WithSecure Elements Connector in my managed environment on Linux. I follow this guide: Then I configured an API access and the event forwarding settings as explained in the guide. After starting…
-
VPN with Elements agent?
I have been using Freedome for some time together with Elements, and this has been working nicely. Now that the F-Secure VPN replaces Freedome, it seems that these can not be installed together. Obviously I do not want to remove the Elements client, so what is the best solution here to get the VPN functionality back?
-
EDR, BCD
Hello, In the EDR, during a BCD consultation, in the drop-down menu allowing you to put a situation (in progress, monitoring, closed), what does the "waiting for client" option mean?
-
WithSecure Elements Mobile Protection: Complete End of Support for full-network VPN
As previously announced, support for full-network VPN is coming to an end on 25th April 2024 and some of our users are still using older versions of the Mobile Protection clients. Read the full article here:
-
Updated - Maintenance: Elements Cloud Security Posture Management - 2024-05-07
We will be performing some maintenance on Elements Cloud Security Posture Management to improve the performance of the system. This maintenance will start on 7th May 2024 at 10.00 UTC, and is expected to be completed within 30 minutes. Read the full announcement here:
-
Encrypt the other drives/partitions on the client?
Hi there! I was happy to see the ability to bitlocker encrypt system drives directly from the security center. It seems this only encrypts a clients system drive/partition. Any way to encrypt the rest?
-
Alert is not resolved
After an infection (it was detected and quarantined by WithSecure) the same alert appears again and again. Although we cleared it, cleared also the quarantine and made sure the file does not exist anymore on the client, the alert keeps reappering. This is how it looks in PM. The same entry keeps coming on and on. With same…
-
Avoid to isolate 1 server temporarily if critical alert is detected
Hello, I need to run a script on a server but this one is detected as a critical alert so my server is isolated when I run it. Is there a solution to temporarily deactivate EDR protection for 1 element (this server) ? Thanks in advance for your help. Anthony A.
-
What are the limitations of agent-only based VM scanning?
Hi, We have a customer site where our engagement is to only scan computers for vulnerabiltities. As such, we have not deployed a scan node. WIthSecure indicated that a scan node is not needed for this purpose. However, we notice that many vulnerabilities are not caught this way. For example, deprecated TLS versions are not…
-
Changes to the Elements Security Center - May 2024 - Cloud Security Posture Management
In January 2024, we released the first part of our new user experience changes for the Elements Security Center, bringing the Endpoint Protection and Endpoint Detection and Response products closer together. Now we are moving forward towards the next part of the changes. This time round, we will be bringing Cloud Security…
-
Software Update
Hello, I am looking to list all the software that is updated by Withsecure. Is there a place where I can get this information? Maybe the updated software list is the same as the software reputation list? THANKS.