Editor’s Highlights
In-Product Trials available across the Elements portfolio
Until now, if you wanted to try out a different part of the Elements portfolio of products, you needed to fill in a web form, or contact your partner.
Now, you can order a trial version of another part of Elements easily and directly from the Elements Security Center.
You can find out more about In-Product trials here.
Find out more about Exposure Management with the Demo mode
To help our customers and partners to get familiar with Exposure Management capabilities in the WithSecure Elements Security Center, a new feature “Exposure demo mode” has been introduced.
Exposure demo mode is available for all Elements Security Center users and can be accessed from user menu. Find out more here.
New Products and Services launched at SPHERE25
Each year, we hold an event in Helsinki for our partners, and this year was no different.
At SPHERE25 we launched several new products and services, and you can find out more about these here.
Extended Detection and Response
Endpoint Protection
During May, we made a small but important change to the scanning components on Microsoft Windows.
Partners and Customers who use custom integrations to monitor the state of protection are advised to read more details about this change here.
Email and Collaboration Protection
Phishing simulation tools update
We have added clear description and instructions on how Phishing Simulation Tools can be utilised without causing any conflicts in Element Collaboration Protection.
Under the Policy section in Elements Collaboration protection there is a specific policy item, "Phishing Simulation Tools".
At the end of the policy there will be a link to the existing section: Policies/Exchange/Trusted email sender addresses
This existing feature can be used for allowing the Phishing Simulation Tool to work properly.
Please find below a screenshot of the introduced section in the Elements Collaboration Protection policy section:
WithSecure Collaboration Protection fix released
We have released a fix for the license control mechanism. This fix ensures proper calculation of the licenses in use, even when a mailbox is temporarily failing to connect to the Microsoft Services. Before this fix, mailboxes on temporarily failure state were excluded from the calculation, leading to a situation where the total amount of used licenses was inaccurate.
Exposure Management
Attack path visualization
- Added a link to primary finding in step details
- Grouping of similar assets to tidy up the view
Exposure views filtering
- Exposure views now support filtering by multiple values, e.g filters like "FindingSource Includes Identity, Network" are possible
- Exposure multi-value filters can be repeated with different operations to support logics such as "Tags Include NIST KISA" "Tags Does not include HIPPA"
“MFA status” column in the Identities page
- New tooltip has been added to clarify the meaning of different MFA statuses Identity can have
- An adjustment to the MFA status logic has been made, when checking Entra ID Conditional Access policies. This might result in some of the Identities statuses changing from ‘Partially enabled’ to ‘Enabled’.
New “Account status” column in the Identities page
- New column has been added to the Identities table to indicate if the Identity’s account is enabled or disabled. Column is hidden from the default view, and can be added to the view. New filter has been also added, enabling filtering by account status.
Exposure Management for Business
Exposure Management System Scan
Support for detecting vulnerabilities in the following products was added to Authenticated Scanning:
- Amazon Corretto Java
- Erlang/OTP
- Netwrix Password Secure
- SoftEther VPN
- Spring Data Commons
Elements Foundations
Integrations
Elements API
Exposure Management recommendations as Security Events
You can see the new event specification from the API documentation for Security Events.
The Security Events are retrievable via the security events endpoint defined here.
Cloud-based incidents
The latest release of the Elements API introduces new incident types from cloud sources. This update enhances our threat detection capabilities by incorporating incidents from Azure and AWS environments. These incidents include identity and access management threats as well as cloud workload-based threats.
New Incident Source Types:
- identityAzure: Incidents related to Azure identity and access management detections.
- workloadAzure: Incidents detected from Azure workloads.
- workloadAws: Incidents detected from AWS workloads.
For a detailed overview of the API specifications for incidents, please refer to the complete documentation.
Share your ideas with us
Our purpose is to co-secure the world with you – now as WithSecure™. To co-create the best possible cyber security products and services, we warmly recommend you share your ideas via the Ideas section of the WithSecure Community, now accessible directly from WithSecure™ Elements Security Center.
Further information
Changelogs and Release Notes for all parts of WithSecure™ Elements can be found at the Help Center