WithSecure Elements Endpoint Detection and Response
-
Elements Endpoint Detection and Response (EDR) detects a safe application. How to whitelist the detection?
Issue: WithSecure Elements Endpoint Detection and Response (EDR) detects a safe application (e.g. an in-house application). How to whitelist the detection? Resolution: To whitelist a file directly, complete the following: * Log in to the Elements Security Center at here. * Select the Endpoint Detection and Response section…
-
System Upgrade for Endpoint Detection and Response – 27 September 2022
WithSecure™ regularly upgrades the Elements backend systems, and usually these upgrades are transparent to our customers. Very rarely, an upgrade will take longer, and we will advise our customers in advance, as it may have some small impact on access. WithSecure™ will be performing some essential upgrade tasks on the…
-
Tens of new response actions added to Elements EDR
NOTE: This article was originally published to the F-Secure Community, and has now been migrated to the WithSecure Community Update: A blog post has been made with more technical examples, together with associated videos. Take a look! We have added many new response actions to the Microsoft Windows version of the Elements…
-
Business Suite EDR clients are not shown in the Elements Endpoint Detection and Response Portal
Issue: Using Policy Manager Console, after activation of a new Elements EDR for Business Suite Computers license key on the devices when switching from an evaluation to production subscription, the devices are not visible in the Endpoint Detection and Response (EDR) Portal. submission.log shows the following error:…
-
Rapid Detection and Response (RDR) sensor in Business Suite Client Security or Server Security is unable to connect to the backend
Issue: Rapid Detection and Response (RDR) sensor in Business Suite Client Security or Server Security is unable to connect to the backend. User interface shows "Sensor is not activated" status and the device is not visible in the RDR Portal. Resolution: F-Secure recommends to add the following scope to whitelisted domains:…
-
Rapid Detection & Response (RDR) execution start and detection date / time mismatch
Issue: There is a date / time mismatch between the Rapid Detection & Response (RDR) execution start and the detection. How is that possible? Resolution: The host needs to be turned ON and have an active internet connection for the host to upload the detection information to the RDR portal. If the host goes to sleep mode or…
-
How to activate F-Secure Elements Endpoint Detection and Response when using Policy Manager?
Issue: How can I activate Elements Endpoint Detection and Response when using Policy Manager? Resolution: The endpoint sensors are lightweight, discreet sensors, which are included in Client Security 14.xx and Server Security 14.xx and above and newer. These sensors collect behavioural data from endpoint devices and are…
-
What is the difference between F-Secure Elements Endpoint Detection and Response and F-Secure Countercept?
What is the difference between F-Secure Elements Endpoint Detection and Response and F-Secure Countercept? F-Secure Elements Endpoint Detection and Response and F-Secure Countercept are both detection and response services concerned with addressing advanced and targeted cyber attacks in a rapidly evolving threat…
-
How do RDS sensor updates take place?
How do RDS sensor updates take place? When an update to the RDS sensors is available, F-Secure notifies your organization. The notification includes a changelog, as well as instructions on how to retrieve the updated package. Testing of the updated package should proceed as described for manual installation. To update…
-
Is there a generic sensor for servers?
Is there a generic sensor for servers? For servers, we are currently able to collect the necessary data with our generic sensors, so there is no need for separate server sensors.