Find clear, step-by-step solutions to common WithSecure issues across installation, configuration, updates, and product performance.
Issue: Unable to change the settings in an Elements EPP for Computers or Elements EPP for Servers profile in the Elements Endpoint Protection Portal due to the "save and publish" button being grayed out.Resolution: The profile editor includes extra validation checks to make sure all settings are complete and correct. If…
Issue: How to remotely change the subscription key of the Elements Endpoint Agent (EPP for Computers and EPP for Servers) via the Endpoint Protection Portal?Resolution: Follow these steps to remotely change a subscription key of a device using the Endpoint Protection Portal: * Log into the Endpoint Security Center Portal:…
Issue: When an WithSecure endpoint product is installed on a computer or server, there is high CPU or memory (RAM) usage and applications are experiencing performance issues. The connectivity of some applications can also be slow or blocked completely. Issue affects all WithSecure clients: * Elements Endpoint Protection…
Issue: I would like to register my Policy Manager Server which is not connected to a network (offline), how do I proceed?Resolution: * Contact WithSecure support by opening a support request here. * Provide the following information for WithSecure technical support to create an offline registration file: * Account Name *…
Issue: Error: "User cannot be added to this organization." appears on the Management > Organization Settings > Security Administrators page when trying to add administrator in the Elements portal. Resolution: This error usually means that the user already has access rights to an Elements organization, but currently there…
Issue: Customer or reseller partner would like to cancel an existing Evergreen (SaaS) WithSecure Elements subscription. How to cancel it? Resolution: If you have the product through a reseller partner, you need to contact them and they can request a termination of an existing Evergreen / SaaS subscription. If you are a…
Issue: How to create or generate a WSDIAG diagnostics file on a Windows computer? Resolution: Follow the steps below to generate a WSDIAG report. Click on the Windows Start button In the list of apps, click on WithSecure Click on WithSecure Support tools Click Run diagnostics Once completed, it generates a file called…
Issue: Error "Failed to fetch remove operations data" when trying to load a certain BCD ID. Only that specific BCD ID is displaying the error. Other BCDs have no issue. Resolution: Do check if the device linked to the problematic BCD is still in the device list, or has not been removed. As the reason this error could occur…
WithSecure™ Elements Endpoint Detection and Response (EDR) provides advanced capabilities to detect, investigate, contain, and remediate threats in real time. The platform combines automated detection with flexible response actions to help organizations act swiftly and decisively during cyber incidents. Core Response…
Issue: WithSecure Elements Endpoint Detection and Response(EDR)は、安全なアプリケーション(社内アプリケーションなど)を検出します。検出をホワイトリストに登録するにはどうすればよいでしょうか? Resolution: 広域コンテキスト検出(BCD)を「許容動作」として閉じることで、ユーザーまたはプロセスの行動を許容する抑制ルールを作成できます。これを行うには、以下の手順に従います。 * Elements セキュリティ センター (https://elements.withsecure.com) にログインします。 * 左ペインのイベントカテゴリを展開します *…
Issue: Why number of "Non-user mailbox" protected by Elements Collaboration Protection exceeds the purchased license size? Resolution: Non-user mailboxes will not be counted directly to the license size, like 1 license: 1 mailbox. Instead, it will be be counted with a ratio of 1:2. For example if you have an Elements…
Issue: Collaboration Protection sent URL detection from an mail received over 2 month ago. Why the delay has occurred?Resolution: If the detection found except neither Inbox nor Sent, it might cause when the mail was moved directory. The suspicious emails are automatically scanned depending on the action defined in the…
Issue: Normally after releasing quarantined email, the email will be re-sent to the original recipient. If quarantined file or URL in Exchange needs to be investigated, admin needs to release the email first and ask the recipient to forward the email to admin after the email is released. It's a bit risky for normal user…
Issue: Error when updating Azure Entra ID Identity script; "ERROR during Azure deployment: Cannot validate argument on parameter 'Tenant'. The argument is null or empty. Provide an argument that is not null or empty, and then try the command again. Collecting information on failed deployments..." Resolution: Do make sure…
Issue / Symptoms: Error: "The management group cannot be found" when deploying Elements Identity Security for Entra ID with the /deploy.ps1 command. Additional errors: "The deployment validation failed. Deployment WSecCD-azure_entra_id terminates with the unexpected state." Resolution: If you get this error, we recommend…
Issue: When going to the Environment > Devices page in the Elements Security Center portal and clicking a device to see the device details, the Findings tab for Exposure Management findings is missing for a device. Resolution: Make sure that Vulnerability Management Scanning has been enabled for the device and that the…
Issue: Some scheduled system scan (network scans) end up with "Terminated" status.Resolution: We recommend to look into the scan log, which can be viewed by:* Log in to the Elements Vulnerability Management portal * Go to the Security Configuration > Scans > Network scans page * Open the scan group which is having issues…
Issue: I would like to use third-party application with Elements Vulnerability Management portal using the API, but how do I start?Resolution: The quick introduction and best practice guide to the Elements Vulnerability Management API are available here. You can find the full reference manual for Elements Vulnerability…
Issue: How to create WithSecure Elements Vulnerability Management API keys for authenticationResolution: An API key consists of an access key (for example, PA3IAKNANLM9) and a secret key (for example, UO9mkDEHFGa1Vau6o#1AfxwRmBQW@!qV). Note that the sample requests in this documentation show access and secret keys enclosed…
Issue: How can I check if specific vulnerability or CVE is covered in Elements Exposure Management (formerly known as Vulnerability Management)?Resolution: Option 1: You can view if Elements Exposure Management has coverage for a specific vulnerability directly from the Elements portal: * Login to Elements Elements…
問題だ: リアルタイムスキャンまたは DeepGuard が悪意のあるファイルを検出しました。誤検出かどうかを確認するために、ウイルスラボにサンプルファイルを提出するにはどうすればよいですか? 悪意のある可能性のあるファイルが検出されなかった場合、誤検出かどうかを確認するためにウイルスラボにサンプルファイルを提出するにはどうすればよいですか? 解決: もしそう疑っているのなら: クリーンなファイルが悪意あるファイルとして誤って検出された; 悪意のあるファイルであるが、当社のソフトウェアによって検出されていないもの。 Elements ポータルにあるSample…
Issue: How to upgrade an existing Elements Endpoint Protection EPP for Computers or EPP for Servers subscription from Standard to Premium or how to add Endpoint Detection and Response (EDR) feature to the existing subscription? Resolution: If the customer has an Evergreen (monthly) subscription and you want to upgrade the…
Issue: The hive.db file under C:\Windows\System32\config\systemprofile\AppData\Roaming\f-secure\HiveRoot -folder is growing. Can it be deleted?Resolution: The hive.db file under C:\Windows\System32\config\systemprofile\AppData\Roaming\f-secure\HiveRoot is the cache of our scanning engine for clean files. The file can be…
Issue: After upgrading to WithSecure Policy Manager 16.11, cannot view more than 10,000 items in Web Reporting views such as Host properties, and scheduled PDF reports for Host properties include only about 500 computers. Resolution: You can try splitting the machines in two groups and copy/paste Host Properties in excel…
Issue: Offline computers in an isolated environment running Business Suite Client Security 16.01 and Server Security 16.01 are not able to be updated because when applying the zip-file using fsaua-update_32.exe, the following error message is displayed: "ERROR: Update archive file is broken" Resolution: This is a known…
Issue: Linux Security 64 servers display real-time scanning status as "Disabled" in Policy Manager console status page. Policy for these servers is set to real time scanning as "on" and users are not allowed to change this setting. Why does the status show real-time scanning as disabled even if it should be…
Issue: How to upgrade Cloud Protection for Salesforce? Is there any roll-back option available after upgrade to latest version so that incase if there is any issue with the new version then we can rollback to old version. Resolution: The latest version of the Cloud Protection for Salesforce solution is always available in…
Issue: When URL Protection is enabled, links in email sent internally and externally has its URL syntax replaced which may break certain links. How to allow those URLs without disabling URL Protection in Cloud Protection for Salesforce?Resolution: Follow these steps to exclude a URL:* Login to Cloud Protection and go to…
Issue: WithSecure はFuture Method を使用してスキャンを実行していますが、これも Future Method を使用するカスタム スクリプトと衝突しています。この問題を解決する方法について何か提案はありますか? Resolution: デフォルトでは、Cloud Protection for SalesForce は、メール添付スキャンを呼び出すためにキュー可能ジョブを使用します。ただし、Future メソッドが呼び出された場合は、キュー可能ジョブの制限に達したことを意味し、 WithSecure App は代わりに Future メソッドを使用するように切り替えます。Future…
As of February 2026 partner users can no longer self-register into the Partner Portal. Instead, their company administrators can add them to their company. This change enhances security and removes the waiting time for activating new accounts. Here is how to add a new user account to Partner Portal as a Partner Portal…