Elements Security Center
Top computers accessing blocked websites
A new Top computers accessing blocked websites graph has been added to the Security Events reports
Changes in internet domains for WithSecure™ Elements
For the first few months, we have maintained the WithSecure™ Elements system using the elements.f-secure.com domain, with redirecting to the portal at elements.f-secure.com.
Now we are taking the next step towards moving all the services to the withsecure.com domain.
Please read our community article listing the details.
Filter / search Application Control rules
It is now possible to filter Application Control rules, for example to just list ones you are interested in. This is especially useful if you have many rules.
Configure alerts per Browsing Protection category
We have now added the ability to configure alerts per browsing protection category. The Administrator can select which browsing protection category blocks send alerts and which are silently blocked.
Editable Sample Submission URL
We have added a choice in the profile editor to edit Sample submission URL for browsing protection.
This option allows administrators to have an internal sample submission system, which they can use to pre-check samples before they are submitted to WithSecure.
Elements Endpoint Protection
Tamper Protection on Windows– Enabled by default
Tamper Protection, a feature in WithSecure Elements Endpoint Protection for Windows, protects the most important parts of the product from malicious tampering.
For example, with Tamper Protection enabled, it’s not possible to stop the background services needed to protect the device. Until now, Tamper Protection has been disabled by default, meaning that the security administrator has needed to enable this functionality to increase the protection against bad actors. We are seeing an increase in attacks that try to uninstall our product or kill our processes before infecting the device.
Starting from 19th October 2022, we changed the default setting of this feature so that it is automatically turned on for all new profiles. This change means that, out of the box, customers have increased protection. Different regions will get the change at different dates.
You can read more information in our separate article:
Tamper Protection on Windows– Enabled by default - WithSecure Community
Elements Agents 22.7
A new version of the endpoint clients for Windows has been made available.
This release makes the Elements Agent version 22.7 available (internal version 4.38.440). The endpoints automatically upgrade, without a reboot.
Features:
- Improvements to a new feature that send selected Windows Security Events to portal
- Added ability to change sample submit URL in browser block
- We are continuing to change file and service descriptions and names to contain the WithSecure name
Elements Collaboration Protection
While the Elements Collaboration Protection development team is working hard on some new features, they’re still taking time to ensure the existing released functionality works in an optimal manner. So there has been a couple of updates this month, which are there to fix minor issues and improve stability.
So, what are they working on? It’s no big secret, they are adding further functionality to help and protect users of Microsoft Teams. We don’t want to give all the details out at the moment, as some things are still subject to change, but we are adding scanning for files shared in Microsoft Teams chats and channels, which will prevent harmful content from being shared with the chat/channel members.
Elements Vulnerability Management
Device scanning with provided access credentials
We have added the ability to scan network devices with access credentials, which gives more possibility to detect information on those devices than was possible earlier.
For example, by providing access credentials, it is possible to extract exact version information of the software used on the device, which allows Elements Vulnerability Management to provide a much more accurate report on any vulnerabilities present.
This first release comes with the support for Cisco IOS, Cisco IOS XE, and FortiOS devices, and will be extended to other network device vendors in the future.
Integrations
Elements API: new framework
Elements API is a new API framework that will eventually cover all parts of the Elements solution. For the initial launch it provides:
- API Credentials UI. API credentials can be managed for all Elements solutions. It allows the admin to apply a policy to renew credentials after a certain time or to delete unused credentials. API credentials are now independent of users.
- Organization endpoint. This allows a partner to list all the companies that it has as customers.
- Security Events endpoint. This allows the listing of all security events including EDR incidents. Eventually this will replace the events endpoint in Endpoint Protection API.
Documentation:
Other items of interest
Elements Quarterly: the evolution of Elements Q3/2022
We have recently updated our WithSecure™ Elements pages with information about the recently launched features we have added to Elements.
This update includes 9 videos displaying new & advanced topics which help add understanding and aid you when engaging with your customers.
List of topics:
In case you missed it
Share your ideas with us
Our purpose is to co-secure the world with you – now as WithSecure™. To co-create the best possible cyber security products and services, we warmly recommend you share your ideas via our Ideas Portal, now accessible directly from WithSecure™ Elements Security Center.
Further information
Changelogs and Release Notes for all parts of WithSecure™ Elements can be found at the Help Center
https://elements.withsecure.com
