Release Notes

Xcitium Enterprise & Platform and Agents October Release (October 24, 2024)

Xcitium Enterprise & Platform

Improvements

  • Added a compatibility label for Windows 11 24H2 to the XCS support page.
  • Improved email notifications for 9 and 10 point alerts, based on addresses defined under Notification Settings.

Bug-Fixes

  • Resolved an issue where SOCaaP-managed endpoints became unmanaged due to conflicts between MDR log forwarding settings and profile definitions.

Xcitium Client Security – Windows

Improvements

  • XCS now supports Windows 11 24H2!
  • XCS agents are now installed with the Xcitium logo and branding by default, preventing potential rebranding issues.

Bug-Fixes

  • Fixed an issue that prevented the XCS agent GUI processes from launching on user logon.
  • Corrected a typo in the “Enable Intel TDT” description within XCS.

APPENDIX

New Portal Versions

  • Xcitium Enterprise: 4.37.0
  • Xcitium Platform: 9.3.4

New Agent Versions

  • Xcitium Client Security – Windows (XCS Windows): 13.3.0

Signed Bulk Package Versions

  • Xcitium Client Security – Windows (XCS Windows): Latest Stable – 13.2.0
  • Xcitium Communication Client – Windows (XCC Windows): Latest Stable – 9.2.0

Xcitium Enterprise & Platform October Release (October 17, 2024)

Xcitium Enterprise & Platform

Bug-Fixes

  • Fixed an issue where XCS was automatically installed on endpoints after configuring MDR log forwarding settings.
  • Fixed an issue where Verdict Details in Hash Search were incorrectly redirected to a different domain instead of verdict.xcitium.com.

APPENDIX

New Portal Versions

  • Xcitium Enterprise: 4.36.1
  • Xcitium Platform: 9.3.3
  • OpenEDR: 4.36.1

Xcitium Enterprise & Platform October Release (October 10, 2024)

Xcıtıum Enterprise & Platform

Improvements

  • Removed the “Remember this device sign in” checkbox from the login screens on Xcitium Enterprise and OpenEDR to mitigate potential security risks to user accounts.

Bug-Fixes

  • Fixed an issue where custom keyword DLP patterns were not functioning as expected.
  • Resolved a problem where exporting to CSV from the File Rating page was limited to the first 1,000 items.
  • Fixed an issue where Xcitium Platform pages did not load after first-time signup.
  • Corrected an issue where Xcitium branding was missing from the EDR investigation webpage icon.

APPENDIX

New Portal Versions

  • Xcitium Enterprise: 4.36.0
  • Xcitium Platform: 9.3.2
  • OpenEDR: 4.36.0

Xcitium Enterprise & Platform and Agents October Release (October 03, 2024)

Xcıtıum Enterprise & Platform

Improvements

  • Enhanced the architecture for displaying managed device labels within the device list for better organization and clarity.
  • Optimized login performance across the Xcitium platform, resulting in faster access for users.
  • Improved the activation speed of modules during new user registration, reducing delays.
  • Accelerated the overall user registration process for a quicker and smoother experience.

Bug-Fixes

  • Fixed an issue with auto-sync on SOCaaP that prevented widgets from updating as expected.
  • Corrected a spelling error in the “Create New Tickets” button within the MDR interface.
  • Fixed an issue with the security vulnerability notice email template, ensuring proper formatting for communications.

APPENDIX

New Portal Versions

  • Xcitium Enterprise: 4.35.0
  • Xcitium Platform: 9.3.1
  • SOCaaP: 2.7.1
  • MDR: 4.35.0

Xcitium Enterprise & Platform and Agents September Release (September 26, 2024)

Endpoint Detection & Response – Windows

Improvements

  • EDR Windows version 2.9.0 is now available!

Bug-Fixes

  • Fixed an issue where Office 2016 Excel crashed when using Fn+F5 with the EDR 2.8 agent installed.
  • Fixed crashes of PrinterInstallerClientLauncher.exe and PrinterInstallerClient.exe when EDR 2.8.0.91 is installed.
  • Resolved an issue causing banking software to crash after updating XCS to version 13.1.0.9541.
  • Fixed several application crashes related to the installation of EDR 2.8.0.91.
  • Resolved an issue where Outlook.exe crashed with EDR 2.8.0.91 installed.

APPENDIX

New Agent Versions

  • Endpoint Detection & Response – Windows (EDR Windows): 2.9.0.107

Xcitium Enterprise & Platform and Agents September Release (September 18-19, 2024)

Xcitium Enterprise & Platform

Improvements

  • Added support label for Windows 11 24H2 in EDR Windows.
  • Added user information bubbles on the SOCaaP Dashboard to display detailed usage information.
  • Added ‘Buy New License’ button on the SOCaaP Dashboard to assist users with license purchases.
  • Added ‘Not Protected Device’ counts to the Endpoint Security widget on the SOCaaP Dashboard to highlight asset health status.
  • Added the ability to display MDR usage in the billing forecast for enterprise customers and recognize all prepaid MDR licenses.

Bug-Fixes

  • Fixed an issue where predefined procedures were not updated to reflect the current branding.
  • Fixed the issue preventing agents updating to the latest version when using local package distribution across the network.
  • Fixed an issue preventing 2FA SMS from being sent to +44 (UK) phone numbers.
  • Resolved an issue preventing the Custom Report from loading on the Xcitium Platform.

Device Management

Improvements

  • Support for Android 14.
  • Introduced BETA Version of web-based remote desktop for seamless remote access via browsers.
  • Added the ability to configure Remote Tools for macOS devices through profiles.
  • Removed support for iOS 12, 13, and 14 across Xcitium products since Apple already stopped their support.

Bug-Fixes

  • Fixed a bug in the endpoint manager that allowed access to functions that were not authorized.
  • Fixed an issue where Android’s “Allow accessibility service” setting would enter an infinite loop.

Appendix

New Portal Versions

  • Xcitium Platform: 9.3.0
  • Xcitium Enterprise: 4.34.0
  • SOCaaP: 2.7.0

New Agent Versions

  • Xcitium Communication Client – Windows (XCC Windows): 9.3.0
  • Xcitium Communication Client – macOs (XCC macOs): 9.3.0
  • Xcitium Remote Control – Windows (XRC Windows): 9.3.0
  • Xcitium Remote Control – macOs (XRC macOs): 9.3.0
  • Mobile Device Management Client – Android (MDM Android): 9.3.0

Signed Bulk Package Versions

  • Xcitium Communication Client – Windows (XCC Windows): 9.3.0

Xcitium Enterprise August Hotfix Release (Sep 05, 2024)

Xcitium Enterprise & Platform

Bug-Fixes

  • Resolved the issue where SOCaaP data was not automatically updated hourly, ensuring up-to-date information and accurate reporting.
  • Fixed the issue where the file rating component was syncing with Xcitium Cloud slowly, improving speed and performance.

Appendix

New Portal Versions

  • Xcitium Enterprise: 4.33.0
  • Xcitium Platform: 9.2.5

Xcitium Enterprise August Hotfix Release (Aug 22, 2024)

Xcitium Enterprise & Platform

Bug-Fixes

  • Fixed the issue where selected customer names did not appear on the Managed Security pages.
  • Fixed the UI error in the customer dropdown menu in the Summary section under SOCaaP.
  • Fixed the issue where a server error 500 was returned when searching by ticket subject on the Managed Security pages.
  • Fixed the issue where the device list export to CSV failed.

Appendix

New Portal Versions

  • Xcitium Enterprise: 4.32.1
  • Xcitium Platform: 9.2.4
  • SOCaaP: 2.6.1

Xcitium Enterprise August Hotfix Release (Aug 15, 2024)

Xcitium Enterprise & Platform

Bug-Fixes

  • Fixed an issue with missing background image errors during the Xcitium Enterprise signup flow.
  • Fixed an issue where command line details were not showing for the file rating scripts.

Xcitium CNAPP

Improvements

  • Updated the tab menu name from Tags to Tokens under Settings, Cloud Security Settings, to better reflect its functionality.
  • Added the ability to generate and secure access to API tokens from the Xcitium CNAPP UI.
  • Introduced an option to set expiration dates and add tags in the Tokens section under Settings.
  • Tokens are now displayed only once after creation, requiring secure copying and storage.

Appendix

New Portal Versions

  • Xcitium Enterprise: 4.32.0
  • Xcitium Paltform: 9.2.3

Xcitium Enterprise August Hotfix Release (Aug 12, 2024)

Xcitium CNAPP

New Features

  • CIS Benchmarks for Cloud accounts support added for Kubernetes clusters, allowing detection of various misconfigurations and vulnerabilities.
  • Vulnerabilities can now be detected in Terraform, Helm charts, and YAML files within GitHub, GitLab, and Bitbucket repositories.
  • Detailed views are provided for insights into namespace, cluster, and VM application behavior.
  • Pod Security Standards can now be enforced and visualized with flexible configuration options and dry run capabilities.
  • RBAC permissions can be managed using graph visualization and search functionalities.
  • Stable policies are now identified with a ‘stable’ tag to simplify zero trust implementation.

Improvements

  • A new detailed view has been introduced for identifying vulnerabilities and misconfigurations across cloud accounts and Kubernetes clusters.
  • Onboarding and inventory pages have been revamped, now supporting the onboarding of up to 100 clusters using access keys.
  • The CWPP dashboard has been enhanced with insights into various compliance frameworks.
  • Updated several menu names in the Cloud Security – Zero Trust module to better reflect their functionalities:
    • Under the Issues sub-menu, Vulnerabilities renamed to Findings.
    • Under the Compliance sub-menu, Compliance Summary renamed to Cloud Asset Summary.
    • The Remediation sub-menu renamed to Ticket Summary.
  • Container images can now be scanned based on the last pull date or Regex pattern.
  • Multi-upload of custom policy YAML files has been made easier.

Bug-Fixes

  • Fixed an issue with asset coverage for AWS, Azure, and GCP.

Appendix

New Portal Versions

  • Xcitium Enterprise: 4.31.0

Xcitium Enterprise August Hotfix Release (Aug 08, 2024)

Xcitium Enterprise & Platform

Bug-Fixes

  • Fixed an issue where customers could not be edited or deleted because of ability to edit or even delete the non-editable default customer.

Appendix

New Portal Versions

  • Xcitium Enterprise: 4.30.3

Xcitium Enterprise August Hotfix Release (Aug 01, 2024)

Xcitium Enterprise & Platform

Improvements

  • Improved performance for device list reports.

Bug-Fixes

  • Fixed an issue where exporting HIPS events from Xcitium Platform, Device List and HIPS would return failed results.
  • Fixed an issue generating the ‘Device List’ report for a large number of endpoints.
  • Fixed the issue of exporting “File Rating” in CSV format not containing data based on activated filters.
  • Fixed an issue where the ‘Virus Scan’ and ‘Scan Results’ windows would appear if scanning on the endpoint was initiated via the Portal interface.
  • Fixed the issue where the protocol field for firewall events was not shown correctly on the portal if the protocol was not TCP or UDP.
  • Fixed an issue where the SOCaaP dashboard would fail to load, resulting in a 500 error.
  • Fixed the icons size in the Xcitium Enterprise interface.

Appendix

New Portal Versions

  • Xcitium Platform: 9.2.2
  • Xcitium Enterprise: 4.30.2
  • SOCaaP: 2.6.0

Xcitium Enterprise July Hotfix Release (Jul 04, 2024)

Xcitium Enterprise & Platform

Bug-Fixes

  • Fixed an issue where the Xcitium web portal allowed XCS 13.1 installation on Windows Server 2012R2 endpoints, despite it not being supported.
  • Fixed an issue where the exported file rating CSV file displayed unfiltered events.
  • Fixed an issue where the alerts header under the “More” button disappeared in the Cloud Security – Zero Trust section.

Appendix

New Portal Versions

  • Xcitium Platform: 9.2.1
  • Xcitium Enterprise: 4.30.1

Xcitium Enterprise June Release (June 26-27, 2024)

Xcitium Platform

New Features

  • Ability to provide a Remote Tools/Commands Interface to the Mac shell.
  • Ability to assign windows software packages via profiles.

Improvements

  • Updating the CCS label shown under Active Components to XCS, which stands for Xcitium Client Security.

Bug-Fixes

  • Fixed an issue of being unable to disable the contact info.
  • Fixed an issue with licensing and usage-based limitations for Device Management features.

Xcitium Client Security – macOS

Bug-Fixes

  • Fixed an issue of MacOS memory leak on XCSM 2.6.0.1141.

Xcitium Client Security – Windows

Bug-Fixes

  • Fixed an issue where cmdagent.exe 13.1.0.9541 crashes.
  • Fixed the issue that caused the CIS agent to crash when the XCS v12.16 version was installed on the same machine.
  • Fixed an issue where AV scan background priority causes excessive disk writes.
  • Fixed an issue where the delay in applications’ launch in the XCS container via the context menu exceeds 30 seconds on OS Windows 11 23H2.
  • Fixed an issue where HIPS log record fields are empty in case of the ‘Block and Terminate’ action.
  • Fixed an issue where XCS does not apply the action “Exclude It” from the “Intel TDT” notification.

Appendix

New Portal Versions

  • Xcitium Platform: 9.2.0

New Agent Versions

  • Xcitium Communication Client – Windows (XCC Windows): 9.2.0
  • Xcitium Communication Client – macOS (XCC macOS): 9.2.0
  • Xcitium Security Client – Windows (XCSW): 13.2.0
  • Xcitium Security Client – macOS (XCSM): 2.6.1

Signed Bulk Package Versions

  • Xctium Communication Client – Windows (XCC Windows): 9.1.0
  • Xcitium Communication Client – macOS (XCC macOS): 9.2.0
  • Xcitium Security Client – Windows (XCSW): 13.2.0
  • Xcitium Security Client – macOS (XCSM): 2.6.1

Xcitium Enterprise June Hotfix Release (June 13, 2024)

XCITIUM ENTERPRISE & Platform

Improvements

Xcitium Enterprise Platform is completely revamped so that it allows users to easily find the exact feature and functionality at a glance.

  • “Endpoint Security” under Security is now renamed as “Endpoint Zero Trust (EPP + EDR + ZD)” – mentioning about every single unique feature of Xcitium where it provides Unified Zero Trust for endpoints


Old UI:


New UI:

  • “Investigate” submenu is renamed as “EDR” – where the users will now understand where exactly to look about EDR telemetry.


Old UI:


New UI:

  • “Blocked Threats” is renamed as “Blocked Threats (NGAV) – implying that this section is a part of Xcitium’s next-gen AV technology.


Old UI:


New UI:

  • “Quarantined Threats” is renamed as “Quarantined Threats (NGAV) – implying that this section is a part of Xcitium’s Next-Gen AV technology.


Old UI:


New UI:

  • “Contained Threats” is renamed as “Contained Threats (ZD)” – implying that this section shows how Xcitium is protecting your endpoints against “unknown” malware thanks to its patented “Zero Dwell” Containment technology.


Old UI:


New UI:

  • “HIPS Events” is renamed as “HIPS Events (EPP)” – implying that this section is an essential part of Xcitium’s Endpoint Protection Platform.


Old UI:


New UI:

  • “Firewall Events” is renamed as “Firewall Events (EPP)” – implying that this section is an essential part of Xcitium’s Endpoint Protection Platform.


Old UI:


New UI:

  • “Data Loss Prevention” is renamed as “DLP Configuration” and moved under “Endpoint Zero Trust (EPP + EDR + ZD)” section


Old UI:


New UI:

  • “Data Loss Prevention” is renamed as “DLP Events”


Old UI:


New UI:

  • “Cloud Security under Security menu is now renamed as “Cloud Security – Zero Trust” , and moved up under Endpoint Zero Trust


Old UI:


New UI:

  • “Cloud Assets” and “Cloud Workloads” sections under Assets menu are now relocated under “Cloud Security – Zero Trust”. This helps user to see/manage everything related to cloud under single pane of glass.


Old UI:


New UI:

  • “Event Analysis” under Security menu is now renamed as “SIEM – X”. This makes Xcitium’s in-house developed and native SIEM component visible to users.


Old UI:


New UI:

  • Added “Threat Labs” as a new menu item which enables users to easily navigate to worlds most enhanced AI and human expert powered Threat Analysis Center where each and every “unknown” file is turned to “known good” or “known bad”.


Old UI:


New UI:

  •  “Assets” menu is renamed as “ITSM”, where all features and functionalities related to IT and Service Management is located under.


Old UI:


New UI:

  • “Devices” under Assets menu is renamed as “Device Management”.


Old UI:


New UI:

  • “Configuration Templates” under Assets menu is divided into different sections:
    • “Profiles” section is moved directly under “ITSM” menu


Old UI:


New UI:

  • “Alerts”, “Procedures” and “Monitors” sections are moved under new “Remote Monitoring and Management” menu item.


Old UI:


New UI:

  • “Patch Management” section under “Software Inventory” is moved under ITSM menu


Old UI:


New UI:

  • “Vulnerability Management” under “Software Inventory” is moved under ITSM menu


Old UI:


New UI:

  • “Global Software Inventory” under “Software Inventory” is renamed as “Desktop Application Control”, and moved under “Application Control” section under ITSM menu


Old UI:


New UI:

  • “Mobile Applications” under “Software Inventory” is renamed as “Mobile Application Control” and moved under “Application Control” section under ITSM menu


Old UI:


New UI

  • “User Management” under Assets menu is moved under “Management” menu


Old UI:


New UI:

BUG-FIXES

  • Fixed an issue about data being loaded very slowly under Contained Threats – Device list.
  • Fixed an issue about displaying wrong usage numbers under “Bill Forecast” page under License Management section.
  • Fixed an issue about system preventing EDR agent installation without a “Client Security” profile is actively used.

Appendix

new portal versions

  • Xcitium Enterprise Platform: 4.30.0
  • Xcitium Platform: 9.1.3

Xcitium Enterprise June Hotfix Release (June 06, 2024)

Xcitium Enterprise & Platform

Bug-Fixes

  • Fixed an issue with the data visibility and page load on Xcitium CNAPP for enterprise-type customers.

OpenEDR Platform

Improvements

  • Updated OpenEDR Platform registration steps to provide an easier experience for new users.

Appendix

New Portal Versions

  • Xcitium Enterprise: 4.26.0
  • OpenEDR Platform: 1.11.0

Xcitium Enterprise May Hotfix Release (May 30, 2024)

Xcitium Enterprise & Platform

Improvements

  • Improved logging functionality in Xcitium CNAPP for Enterprise customers.

Bug-Fixes

  • Fixed an issue with the “Name already exists” error statement in the UI when editing customers.
  • Implemented UI & UX fixes for the Xcitium Enterprise product sub-menu.
  • Fixed an issue with the Xcitium CNAPP login structure for enterprise-type customers.
  • Fixed an issue where Single Sign-On (SSO) failed when attempting to log in to Xcitium Enterprise from the Platform interface.

Appendix

New Portal Versions

  • MDR: 4.25.3

Xcitium Enterprise May Release (May 16, 2024)

Xcitium Enterprise & Platform

Improvements

  • Enhanced default transfer protocol to HTTPS for Windows pre-defined profiles to enhance security.
  • Enhanced default transfer protocol to HTTPS for Linux pre-defined profiles to enhance security.
  • Improved performance in verdict requests with database version updates.

Bug-Fixes

  • Fixed an issue where the HIPS tab was absent in Windows Device properties.
  • Fixed an error with SOCaaP 0365 monitoring.

Appendix

New Portal Versions

  • Xcitium Platform: 9.1.2
  • MDR: 4.25.2

Xcitium Enterprise May Hotfix Release (May 09, 2024)

Xcitium Enterprise & Platform

Bug-Fixes

  • Fixed the icon position error on the password reset screen when loading the page.
  • Fixed the issue with the positioning of the BETA text on the Dashboard Settings screen.
  • Fixed the issue where the loading icon appeared half-finished on the waiting page after sign-up was completed.

Appendix

New Portal Versions

  • Xcitium Enterprise: 4.25.1

Xcitium Enterprise April Hotfix Release (April 25, 2024)

Xcitium Enterprise & Platform

Bug-Fixes

  • Fixed an issue where Client Access Control was disabled for all profiles, compromising security.
  • Fixed an issue that caused Remote Control and Tools profile tabs to be absent, preventing access to key functionalities.
  • Fixed an issue where the ‘Monitors’ tab was disabled for profile details and related email alerts were not being sent, impacting monitoring capabilities.

Appendix

New Portal Versions

  • Xcitium Platform: 9.1.1

Xcitium Enterprise & Agents April Release (April 09, 2024)

Xcitium Enterprise & Platform

Improvements

  • Added support label for macOS 14 in XCS macOS.

Xcıtıum Client Security – macOS

Improvements

  • Enhanced XCS support for macOS 14.

Bug-Fixes

  • Fixed an issue where translation was missing in certain items when a non-default language was applied.
  • Fixed an issue where XCS for macOS crashed and aborted scanning on macOS ‘Sonoma’ OS devices.
  • Fixed an issue where the parental control password was not applied to macOS devices.
  • Fixed an issue where LogViewer’s ‘Action’ entries remained unchanged after scanning for Restore/Delete operations on quarantined archives.

Appendix

New Agent Versions

  • Xcitium Client Security – macOS (XCS macOS) : 2.6.0
  • Xcitium Communication Client – macOS (XCC macOS) : 9.1.0

Xcitium Enterprise & Agents April Release (April 04, 2024)

Xcitium Enterprise & Platform

Improvements

  • Added support label for macOS 14 in XCS macOS.
  • Added support label for Windows 11 23H2 in XCS Windows.
  • Added support label for Windows 11 23H2 in EDR Windows.

Xcıtıum Client Security – Windows

Improvements

  • Enhanced XCS support for Windows 11 23H2.
  • Implemented VirusScope exclusions, allowing administrators to define exclusions for Virus Scope analysis via a new checkbox on the XCS UI.

Bug-Fixes

  • Fixed an issue where uninstalling XCS for Windows was not completely removed on Windows Server 2012.
  • Fixed an issue where Cmdagent service startup method was not restored by diagnostic as expected.
  • Fixed an issue of correcting application Authenticode signatures with valid SHA-1 and revoked SHA-2.
  • Fixed an issue where XCS did not add a new vendor to the Vendor List by AV Scan.
  • Fixed Explorer crashes when started in XCS container via context menu on Windows 11 23H2.
  • Fixed an issue where the Tracing configuration UI failed to elevate, preventing the saving of settings.
  • Fixed an issue where XCS blocked applications after File Rating despite having enabled alerts, preventing the unnecessary quarantine of legitimate software.
  • Fixed XCS containment rule skipping with Command-line criteria when another suitable rule existed.
  • Fixed an issue causing abnormal delays during Windows login when XCS was installed,
  • Fixed missing Containment Ignored notification for an AcrobatReader process running inside Windows AppContainer.

Appendix

New Agent Versions

  • Xcitium Client Security – Windows (XCS Windows): 13.1.0

Xcitium Enterprise March Release (March 29, 2024)

Xcitium Enterprise & Platform

Improvements

  • Implemented license and usage-based limitations in Xcitium Enterprise Platform.
  • Implemented license and usage-based limitations in Xcitium Platform (Classic View).
  • Added sections configuration tab under Xcitium Profiles details.
  • Added a new column with the name of “Profile” under Device list where active profile modules can be listed.

Bug-Fixes

  • Fixed an issue where the “Block Unknown DLL” and related filtering options are missing for HIPS.
  • Addressed a miscalculation of sensor log sources count on the Xcitium Platform.
  • Resolved the issue causing emails not to be sent after changing “Device Removal Settings” via Xcitium Platform.
  • Fixed the inactive ‘Change Rating’ button for macOS Quarantine events.

Appendix

New Portal Versions

  • Xcitium Enterprise: 4.25.0
  • Xcitium Platform: 9.1.0

New Agent Versions

  • Xcitium Communication Client – Windows (XCC Windows): 9.1.0

Xcitium Enterprise March Release (March 14, 2024)

Xcitium Enterprise

Improvements

  • Updated Xcitium registration page design for improved UI & UX.

Bug-Fixes

  • Fixed auto-sync issue on SOCaaP, ensuring widgets are auto-updated every hour as intended.
  • Resolved issue where clicking any alert in the event search panel resulted in no process timeline activity, fixing error 500 for “Timeline” and “Tree View”.
  • Resolved accessibility issues for non-Account Admin staff members to Cloud Assets and Cloud Workloads.

Appendix

New Portal Versions

  • Xcitium Enterprise: 4.24.0
  • SOCaaP: 2.6.0

Xcitium Enterprise February Release (February 29, 2024)

Xcitium Enterprise

New Features

  • Our full-featured Cloud-Native Application Protection Platform (CNAPP), which includes Cloud Workload Protection Platform (CWPP) and Cloud Security Posture Management (CSPM)–all available now on Xcitium Enterprise & Platform just for Enterprise-type customers. Details are provided below:
  • Dashboard enhancements:
    • Added “Cloud” sub-menu under the main menu.
    • Introduced Cloud Native Application Protection Platform (CNAPP) indicator.
  • Security menu enhancements:
    • Introduced a Cloud Security sub-menu for cloud workload assets.
    • Provided querying and visualization of information under various headings.
    • Cloud security issues, vulnerabilities, and registry scans
    • Compliance status, Cloud Security Posture Management (CSPM) Executive Dashboard, and Compliance Summary details.
    • Runtime protection, Cloud Workload Protection Platform (CWPP) Dashboard, App Behavior, and Policies management.
    • Access to account-related tickets under Remediation.
    • Access to Alerts, Triggers, and Monitors under Monitor/Alerts.
    • Viewing of Cloud Security Posture Management (CSPM) and Cloud Workload Protection Platform (CWPP) reports under Reports.
    • Access to notifications related to cloud workloads under Notifications.
  • Assets Management:
    • Added Cloud Workloads and Cloud Assets sub-menu items under the Assets menu.
    • Facilitated access to detailed information about cloud assets.
  • Introduced a Cloud Security Settings sub-menu under the Settings menu and added configuration settings for:
    • Cloud Accounts
    • Manage Cluster
    • Integrations
    • Labels
    • Tags
    • Groups
    • Ticket Templates

Appendix

New Portal Versions

  • Xcitium Enterprise: 4.23.0

Xcitium Platform & OpenEDR Platform February Release (February 21-22, 2024)

Xcitium Platform

Bug-Fixes

  • Fixed an issue with the EM portal no longer displaying “Scanned and Found Safe” and “Scanned Online and Found Malicious” events under HIPS events.
  • Fixed incorrect icon displays: Icons for “minimize menu bar” and “maximize menu bar” in the Portal now display correctly.

OPENEDR

Improvements

  • Xcitium OpenEDR License now covers unlimited devices.
  • UI & UX Corrections have been applied to all Registration Pages in OpenEDR.
  • The product logo is now displayed instead of the Xcitium logo in the Main Banner of OpenEDR.

Appendix

New Portal Versions

  • Xcitium Platform: 9.3.0
  • OpenEDR Platform: 1.10.0

Xcitium Enterprise & Platform, Agents February Release (February 07-08, 2024)

Xcitium Enterprise & Platform

New Features

  • New ability to define the response type given by EDR for the Windows agent when setting the Alert Policy rule condition on Xcitium Enterprise alert policy configuration page.
  • New ability to terminate a process and generate an alert according to the action specified in the Alert Policy rule condition.
  • Added Response Action information in event details on the Event Search page.
  • Added “Action” information and necessary syntax controls to Event Search query definitions.
  • Added “Action Type” information to the Event Search results data as aggregations and to the result data grid.
  • Added Action Type filtering options on the Alert Search page.
  • Added Action information in alert details on the Alert Search page.

Improvements

  • The Enterprise UI now displays the minimum EDR agent version required to set the response of the EDR for the Windows agent as a label on the Policy Configuration Screens.
  • Added user information messages according to the selected response type.

Bug-Fixes

  • Fixed an issue where incorrect Component Value and Zero HASH data were displayed in Security Events for Containment Events related to certain files.
  • Fixed an issue with the display of ‘Unrecognized’ Xcitium Rating on the Xcitium Portal instead of ‘Trusted’, ensuring accurate file-rating representation.

Endpoint Detection & Response – Windows

New Features

  • New ability to terminate a process and generate an alert according to the action specified in the Alert Policy rule condition.

Appendix

New Portal Versions

  • Xcitium Enterprise: 4.22.0
  • Xcitium Platform: 9.1.1

New Agent Versions

  • Endpoint Detection & Response – Windows (EDR for Windows): 2.8.0

Xcitium Platform January Release (January 31-February 01, 2024)

Xcitium Platform

New Features

  • Incorporated feature labels and informational messages for macOS ZeroDwell Containment in UI to enhance user understanding and experience.
  • Introduced a new feature allowing users to hide support information.
  • Added a Containment (CO) Label to the Device List for macOS endpoints.
  • Added ZeroDwell Containment as a component to the ‘Security Products Info’ section under the ‘Summary’ tab for macOS Endpoints Details.

Improvements

  • Updated the Support page; the version tags for supported Endpoint Detection & Response (EDR) and Xcitium Client Security (XCS) on Windows OS have been refreshed.

    OpenEDR

    Improvements

    • Improved the visibility of the ‘Learn how to enroll device’ video in the onboarding pop-up window.

    Xcıtıum Client Security – macOS

    New Features

    • Implemented a new feature, ZeroDwell Containment ability, for macOS.

    Improvements

    • Implemented modifications to the Xcitium Client Security (macOS) agent as part of the rebranding process.
    • Enhancements to optimize log transfer performance within the Xcitium Client Security (macOS) agent architecture.

    Bug-Fixes

    • Fixed an issue where the ‘Old Value’ record was not appearing for removed Scan Profiles in the Configuration Changes tab, which now correctly displays the information as expected.
    • Fixed an issue wherein the ‘Archive moved to Quarantine’ message inaccurately included malware details; now, accurate logs are displayed, and archives are successfully deleted with a ‘Delete Malware’ request.
    • Fixed an issue where the exported data from the Log Viewer’s ‘Device Control Events’ tab had an incorrect structure in the document.
    • Fixed an issue with periodic Antivirus updates encountering “Request timed out” errors.
    • Fixed an issue where the updated host was not visible on the ‘Preferences-Update’ page.

    Appendix

    New Portal Versions

    • Xcitium Platform: 9.1.0
    • OpenEDR: 1.8.0

    New Agent Versions

    • Xcitium Client Security for macOS – macOS: 2.5.0
    • Xcitium Communication Client for macOS – macOS: 8.4.0

    Xcitium Enterprise & Platform January Release (January 10-11, 2024)

    Xcitium Enterprise & Platform

    Improvements

    • Updated the supported Linux OS versions list to show which distributed operating systems are compatible with specific Xcitium client versions for easier mapping. 
    • Updated Xcitium Enterprise menu icons, welcome pop-up text, and repositioned in the UI to enhance overall user interaction. 

    Bug-Fixes

    • Fixed an issue where file path values are not the same on the File List screen, or inside the file Info tab, when clicking on the file name in the File List screen. 
    • Fixed an issue of a “Failed” containment event being handled as a Containment Run Virtually event, with alerts created for them and reported in Xcitium Enterprise. 

    OpenEDR

    Improvements

    • Updated the OpenEDR welcome pop-up text, and repositioned to enhance overall user interaction. 

    Appendix

    New Portal Versions

    • Xcitium Platform: 8.4.0
    • Xcitium Enterprise: 4.20.0

    Xcitium Platform & Agents & Remote Control December Release (December 20-21, 2023)

    Xcitium Enterprise & Platform

    New Features

    • Introducing a new dashboard, the Return on Investment (ROI) Dashboard. This new dashboard empowers enterprise customers with precise insights to quantify Xcitium product security and efficiency impacts, cost savings as a result of investment, and expenses avoided as a result of Xcitium proactive protections. 
    • Adding a security function to automatically block potentially bad unknown DLL files from being loaded by safe processes.
    • Endpoint isolation ability to block network communication in case of a breach to protect endpoints from further damage. A temporary local admin account can be created to access the endpoint in the absence of a local admin account, especially when the device is under attack.

    Improvements

    • The ‘Provide Feedback’ Icon has been added to the Xcitium Enterprise Product UI, enabling streamlined user feedback submission for enhanced engagement and continuous improvement.
    • On the device enrollment and bulk installation package pages, warning messages are posted stating that if the current licenses in the customer account do not cover the MDR or XCS usage, an invoice will be generated at the end of the monthly billing period.
    • Improved spelling screen for enhanced readability of ticket details viewed by customers in Xcitium Enterprise.

    Bug-Fixes

    • Fixed an issue with logout in Endpoint Manager: Now, upon logout, users are correctly redirected to the Endpoint Manager login page, ensuring a smooth and expected user experience.
    • Fixed an issue where Autorun alerts were not showing events.

    Xcitium Client Security – Windows (XCS)

    Improvements

    • Improvements for network share performance issues associated with XCS installation.
    • Implemented performance improvements by creating a cache for scheduled tasks and optimizing system performance.
    • Redundant file rating logs have been configured so that more meaningful file rating events are shown in the portal.

    Bug-Fixes

    • Fixed an issue with AutoCAD’s slow performance, slow file opening, and printing when XCS is installed, ensuring a smoother user experience.
    • Fixed an issue where certain registry folder entries were not detected during the Boot Scan, enhancing comprehensive threat detection.
    • Fixed an issue of Website Filtering failing to block HTTPS traffic, enhancing overall web security for the specific domain address.
    • Fixed handling of Autorun entries, ensuring functionality even after disabling and avoiding the need for an OS restart.
    • Fixed an issue with log forwarding from Xcitium Client – Security to Xcitium SIEM, which was causing a 502 error.
    • Fixed RAM Leak issue on the XCS 12.15.

    Device Management

    New Features

    • Enabled command prompt for Linux devices under the Remote Tools section to remotely access Linux terminal.

    Improvements

    • Deployed the latest Apple APN certificate to the platform to improve communication with Apple devices.
    • Enhanced the communication client and remote control tool to be compatible with macOS 14.x.
    • Enhanced the communication client and remote control tool to be compatible with Windows 11 23H2.
    • Support for iOS 17.
    • OS patching auto-approval setting changes in patch management are now recorded in the audit log.

    Bug-Fixes

    • Fixed an issue where the “installed” or “not installed” selection was not filtering devices correctly in the patch management module, ensuring an accurate representation of installation status.
    • Fixed an issue where the “Failure” event in quarantine could trigger the “Malware Handled” monitor and updated the “Malware Handled” monitor to not trigger on quarantine failure.
    • Fixed an issue where devices were still showing as “device removed” under Vulnerable Devices in Vulnerability Management despite being removed.
    • Fixed an issue where devices were still showing as “device removed” on patch management screens despite being removed.
    • Fixed an issue where procedure results were not sent via email.
    • Fixed the “Restart Communication Client” script not working and communication client not updating issues by replacing the predefined script procedure “Restart the Communication Client” with the latest version.
    • Fixed the issue where the communication client was running through a proxy server even though the “Use proxy” option was disabled in the “Client Proxy” tab.
    • Fixed an issue where the offline monitor was not always triggered for all devices.

    Appendix

    New Portal Versions

    • Xcitium Platform: 8.4.0
    • Xcitium Enterprise: 4.19.0

    New Agent Versions

    • Xcitium Client Security – Windows (XCS Windows): 13.0.0
    • Xcitium Communication Client – Windows (XCC Windows): 8.4.0
    • Xcitium Communication Client – Linux (XCC Linux): 8.4.0
    • Xcitium Communication Client – macOS (XCC macOS): 8.4.0
    • Xcitium Remote Control – Windows (XRC Windows): 8.4.0
    • Xcitium Remote Control – Linux (XRC Linux): 8.4.0

    Signed Bulk Package Versions

    • Xcitium Client Security – Windows (XCS Windows): Latest Stable – 12.16
    • Xcitium Communication Client – Windows (XCC Windows): Latest Stable – 8.3

    Xcitium Enterprise & Platform November Release (November 22-23, 2023)

    Xcitium Enterprise & Platform

    New Features

    • Implemented the “Xcitium Mobile” license, a new mobile product, recognized by the portal.

    Improvements

    • Improvement for Xcitium Complete licenses to automatically update the user’s active policy to the enhanced Xcitium Managed Policy.
    • In the Start Managed Protection command window under the Service Dashboard, warning messages are posted to indicate that an invoice will be created at the end of the monthly billing period if there are insufficient licenses in the customer account.

    Bug-Fixes

    • Fixed an issue with an MDR icon not displaying for existing accounts using filled “Logging Settings”.
    • Fixed an issue specific to existing admin ratings not getting properly applied to files executed on devices enrolled under a newly created customer.
    • Fixed a trial licensing issue that did not cover Xcitium Client — Security usage as expected.
    • Fixed a gateway timeout issue on the SOCaaP and O365 integration after it returned a 504 error.
    • Fixed an issue of wrong application path direction and device count when selecting Device Count on the HIPS Events page.
    • Fixed an issue with Import CSV to File Rating not working as expected.

    Appendix

    New Portal Versions

    • Xcitium Enterprise: 4.18.0
    • Xcitium Platform: 8.3.2
    • SOCaaP: 2.6.0
    • MDR: 4.18.0

    Xcitium Enterprise & Platform November Release (November 15, 2023)

    Xcitium Enterprise & Platform

    Device Management

    Bug-Fixes

    • Removing Network Assessment Tool from the Xcitium Platform/Tools section due to no longer supported infrastructure.
    • Updating vulnerability scanning resources to cover 2023 as well as previous years.

    Appendix

    New Portal Versions

    • Xcitium Platform: 8.3.1

    Xcitium & Xcitium Enterprise Platforms & EDR Agent November Release (November 1-2, 2023)

    Xcitium Enterprise & Platform

    Improvements

    • Updated all customer notification MDR email templates within the scope of Xcitium rebranding.

    Bug-Fixes

    • Fixed a timeout issue on the File Rating page during file searches that returned a 502 error. 
    • Fixed a source-code issue specific to a Twitter framework loading on the product UI. 
    • Fixed an issue with the display of details for a device’s Containment/Autorun/Quarantine events.

    Endpoint Detection & Response (EDR)

    Bug-Fixes

    • Fixed an issue of web pages loading too slowly in the Chrome Browser on devices running EDR. 
    • Fixed an issue of Windows 11 devices running EDR opening PDF files with Adobe Reader. 
    • Fixed an issue of the PDF Portfolio not getting created in Adobe Acrobat with an EDR agent installed. 
    • Fixed an issue specific to uploading a PDF for signature in Adobe Acrobat on a device with XCS and EDR installed. 
    • Fixed an issue of adding image to a PDF file via Adobe Reader on a device with EDR installed. 
    • Fixed an issue with opening and editing editable PDF files on devices running EDR. 
    • Fixed an issue with EDR 2.5.0.40 crashing on Microsoft Windows 10 Pro (x64) version 22H2.

    Device Management

    Bug-Fixes

    • Fixed an issue of procedure results not getting sent as expected via email.

    Appendix

    New Portal Versions

    • Xcitium Enterprise: 4.17
    • Endpoint Manager: 8.3.1

    New Agent Versions

    • EDR: 2.7.1

    Xcitium Enterprise & Platform October Release (October 11-12, 2023)

    Xcitium Enterprise & Platform

    Improvements

    • Ability to protect against the .NET Compilers attack type with a new Containment Block rule.
    • Ability to see the processing for install, uninstall, update, and run procedure commands.

    Bug-Fixes

    • Fixed an issue of provisioning in the US region; the signup process timed out due to a rate-limiting error and returned a “Login failed” status.
    • Fixed a display issue specific to missing drill-down data and events.
    • Fixed an issue where a device still showed as “active” even when a managed endpoint had become unmanaged, and the last log was more than a month old.
    • Fixed an issue of the XCS version displaying incorrectly for “Debian 8.x with GUI” in the bulk installation package options when the version was actually XCS 2.2.1.501.
    • Fixed an issue where a filter that was opened once on one page was then displayed as open on all other pages.

    Appendix

    New Portal Versions

    • Endpoint Manager: 8.3.0
    • MDR: 4.16.2

    Xcitium Enterprise Platform Hotfix Release – (October 2, 2023)

    Xcitium Enterprise & Platform

    Bug-Fixes

    • Fixed an issue wherein a security event alert is not generated as expected on the Enterprise platform due to an absence of security event rule settings in the Xcitium Predefined Policy on the EU instance. 

    Appendix

    New Portal Versions

    Xcitium Enterprise: 4.16.1

    Xcitium Platform & Agents & Removal Tool September Release (September 20-21, 2023)

    Xcitium Enterprise & Platform

    Improvements

    • The Enable Managed Protection option is now set as disabled and unchecked by default under device enrollment.
    • The data storage unit (in KBs) within the ‘Script Analysis’ section is now added.

    Bug-Fixes

    • Fixed an issue of undisplayed Data Loss Prevention (DLP) discovery logs in the Endpoint Manager (EM) portal and corrected the action value in Data Loss Prevention (DLP) monitoring logs.
    • Fixed missing newly detected script items in the Endpoint Manager portal.

    Xcitium Client Security – Windows

    Bug-Fixes

    • Fixed an issue of the endpoint communications agent cmdagent.exe file crashing in the 12.10.0.8697 version of a Windows 10 endpoint.
    • Fixed an issue of the Xcitium Client Security (XCS) Autorun Scans & Monitoring feature incorrectly detecting an .lnk file itself instead of the target object.
    • Fixed an issue of Internet Explorer not starting as expected via its Widget on Windows 11.
    • Fixed an issue of a long-duration loading of the log-in after AV is enabled.
    • Fixed an issue of “Terminate and Disable” boot protection monitoring to properly remove files instead of removing WMI autorun entries.
    • Fixed an issue of “Terminate and Disable” boot protection scanning to properly remove files instead of removing WMI autorun entries.
    • Fixed an issue of boot scanning not terminating embedded code autorun entries as expected.
    • Repaired the process for dumping crash logs on Windows 10 x64 hosts in the event of a cmdagent.exe crash.
    • Fixed an issue of the autorun process getting quarantined after an operating system reboot and kept in quarantine even if the autorun configuration is disabled.
    • Fixed an issue of the Xcitium Client Security (XCS) 12.16 crashing when the Scan Results window was opened and closed during a boot scan.
    • Fixed an issue with the chained launch of CMD when a PowerShell operation lags or doesn’t resolve.
    • Fixed an issue of Xcitium Client Security (XCS) detecting a new network zone after each login if automatic zone creation is disabled.

    Device Management

    Improvements

    • Ability to turn chatting on or off under profile management.
    • Ability to see Windows device event viewer with the new remote tool.

    Bug-Fixes

    • Fixed an issue of online devices generating an alert even though an offline monitor rule was assigned.

    Agent Removal Tool- Windows

    Bug-Fixes

    • Fixed an issue with the Removal tool uninstalling Xcitium Client Security (XCS) via the portal command.

    Appendix

    New Portal Versions

    • Endpoint Manager: 8.3

    New Agent Versions

    • Xcitium Client Security – Windows: 12.16
    • Xcitium Communication Client – Windows: 8.3
    • Xcitium Agent Removal Tool – Windows: 3.2.0.84

    Signed Bulk Package Versions

    • Xcitium Client Security – Windows: Latest Stable – 12.10
    • Xcitium Communication Client – Windows: Latest Stable – 8.2

    Xcitium Enterprise & Platform August Release (August 22-23, 2023)

    Xcitium Enterprise & Platform

    Improvements

    • Implemented the ability to decline Xcitium Client Security Updates if there is a pending OS update reboot on the endpoint.

    Bug-Fixes

    • Fixed an issue of two-factor authentication (2FA) SMS notification not being sent as expected to +44 (UK) phone numbers.
    • Fixed an issue of a “Failed” containment event being handled as a Containment Run Virtually event with alerts created for them and reported in Xcitium Enterprise.
    • Fixed an issue of the “Xcitium Managed” license not covering Xcitium Client – Security usages as expected.
    • Fixed an issue with the drill-down link for the ‘XCS component has newer version than requested’ notification not redirecting to correct device detail page.
    • Fixed an issue of Xcitium Client – Security rebranding not being applied properly.

    Appendix

    New Portal Versions

    • Xcitium Platform: 3.66.0
    • Endpoint Manager: 8.2.23080

    Xcitium & Xcitium Enterprise & OpenEDR Platforms August Release (August 2-3, 2023)

    Xcitium Enterprise & Platform

    New Features

    • Ability to configure alert rules for security events generated by the Xcitium Client – Security, under the Alert Rules section.

    Improvements

    • Displays of “Event Time” and “Process Creation Time” data under Event Details are now shown with millisecond resolution for better visibility.

    Bug-Fixes

    • Fixed an issue of “Xcitium Managed” license not covering Xcitium Client – Security usages as expected.

    Appendix

    New Portal Versions

    • Xcitium Enterprise: 4.16.0
    • Endpoint Manager: 8.2.2
    • OpenEDR Platform: 1.8.0

    Xcitium & Xcitium Enterprise Platforms July Release (July 12-13, 2023)

    Xcitium Enterprise & Platform

    Improvements

    • Updated email signatures that still contained Comodo branding to Xcitium.

    Bug-Fixes

    • Fixed an issue of Alerts and Events not displaying as expected in Xcitium Enterprise.
    • Fixed the issue of creating a new account after logging in to the Xcitium portal with an unregistered email address.

    Appendix

    New Portal Versions

    • Xcitium Enterprise: 4.15.0
    • Endpoint Manager: 8.2

    Xcitium & OpenEDR & Secure Internet Gateway Platforms & Agents & Remote Control & THAT June Release (June 21-22, 2023)

    Xcitium Enterprise & Platform

    Improvements

    • Added an onboarding popup window to display the current provisioning status and to guide users to further provisioning options.
    • Added a new Threat Hunter Assessment Tool available now from the Xcitium Platform Tools menu.
    • Implemented a new API to fetch all data that is presented under the Dashboard/Compliance section of the Xcitium console.
    • Disabled permanently the Xcitium Message Center and removed the option to open it from the UI to resolve CPU-usage issues.
    • Added the ability to clone a role in Endpoint Manager.

    Bug-Fixes

    • Fixed an issue specific to enabling  MDR as expected when installing the Xcitium Client Communication only from the portal admin.
    • Fixed an issue with the “Show with the purged file(s)” filter that was not working under Endpoint Manager/Security/File Rating.
    • Fixed an issue resulting from not deleting log sources from the SOCaaP Interface.
    • Fixed an issue of custom Xcitium Client Communication (XCC) agent (the Endpoint Manager agent) rebranding not being applied properly from the correct profile.
    • Fixed an issue with user interface details displaying incorrectly after re-installing the Xcitium Client Security (XCS) agent.
    • Fixed an issue of data field alignment under the Data Loss Prevention (DLP) section of the UI.

    Xcitium Client Security – Windows

    Improvements

    • Implemented the ability to decline Xcitium Client Security Updates if there is a pending OS update reboot on the endpoint.
    • Added HIPS protection for LSASS processes.
    • Enhanced enumeration detection and response by implementing the ability to block applications and running processes in response to potentially dangerous or anomalous command-line operations.

    Bug-Fixes

    • Fixed the issue with blocked USB storage devices not getting re-blocked as expected when re-enabled via the device manager.
    • Fixed the issue with blocked removable drives with external device control being allowed re-enablement from the device manager in the portal.
    • Fixed a process tree issue showing the wrong tree due to missing embedded code.
    • Fixed the issue of high CPU usage during a DLP scan running on Windows server 2012 R2 with Xcitium Client Security 12.10.0.8697 installed.
    • Fixed the issue of some processes having incorrect parent applications on the Xcitium Client Security process tree due to Windows assigning the same PID to a new process as in another previously launched, already closed process.
    • Fixed the issue of consecutive scans increasing the cmdagent memory usage.
    • Fixed a system crash issue after an Xcitium Client Security 12.14 installment.

    Xcitium Client Security – macOS

    New Features

    • First phase of ZeroDwell Containment for macOS, as a BETA feature. With this feature:
      • Applications that have invalid signatures are blocked.
      • Applications that have malicious file ratings are blocked.
      • All AppStore 3rd-party applications that are signed by Apple/AppStore will be run without any restriction.
      • Applications that have trusted file ratings are run without any restrictions.
      • Applications that have unrecognized file ratings are run virtually.

    EDR

    Bug-Fixes

    • Fixed the issue of incorrect msi name in EDR installed/uninstalled messages.
    • Fixed the issue with EDR not uninstalling properly and continuing to collect events following an attempt to uninstall both the Xcitium Client Security and EDR from the portal at the same time.
    • Fixed an issue with Lsalso.exe causing a high CPU-usage performance issue when an EDR agent is installed.
    • Fixed the issue with msiexec.exe heuristic command-line analysis not working as expected in Xcitium Client Security 12.14.0.9145.

    Device Management

    Improvements

    • Added the ability to choose a screen recording location in Remote Control.
    • Implemented the ability to use “Curtain”/ “Black Out” mode Remote Control for macOS.

    Bug-Fixes

    • Fixed an issue of displaying the client access control password for the Xcitium Client Communication agent in a plain text format.
    • Fixed a vulnerability issue in SQLite for ITSM web services.
    • Fixed an issue of the offline monitor generating an online alert.

    OpenEDR Platform

    Improvements

    • Added an email option to the “Refer a Friend” popup for the OpenEDR Platform to provide a way to share and promote OpenEDR awareness and availability.
    • Added automatic redirection from Thank You page to the OpenEDR portal to decrease click counts and ease access to the portal.

    Bug-Fixes

    • Fixed the issue with inaccessibility of the enrollment link during registration of OpenEDR when the registrant’s email contains a “+” character.
    • Fixed the issue where an OpenEDR registration could not be completed when the registrant’s email contained capital letters.

    Secure Internet Gateway

    Improvements

    • Implemented the ability to increase the maximum number of domains that can be whitelisted or blacklisted, up to 3000.

    Bug-Fixes

    • Fixed the issue with data not displaying in the “Overview” and “Reporting” pages of the Secure Internet Gateway portal.

    Threat Hunter Assessment Tool (THAT)

    New Features

    • Rebranded the “Unknown File Hunter Tool” to Threat Hunter Assessment Tool (THAT)” with the Xcitium interface.

    Improvements

    • Added informative explanations and improved the product interface design for each process step, and for all scan results, to provide user-friendly usage and readability enhancements.
    • Improved steps for logging into the application and for continuing as a guest user.
    • Converted the tool to be a plug-and-play application.

    Bug-Fixes

    • Fixed an issue of showing unnecessary error messages specific to ongoing operations.
    • Fixed an issue with excessive duration when processing an application-closing command.

    Appendix

    New Portal Versions

    • Xcitium Enterprise: 4.14.0
    • Xcitium Platform: 3.65.0
    • Endpoint Manager: 8.2
    • OpenEDR Platform: 1.7.0
    • Secure Internet Gateway: 2.14.19

    New Agent Versions

    • Xcitium Client Security – Windows: 12.15
    • Xcitium Client Security – MacOS: 2.4.4.974
    • Xcitium Client Communication – Windows: 8.2
    • Xcitium Client Communication – MacOS: 8.2
    • Xcitium Remote Control – Windows: 8.2
    • Xcitium Remote Control – MacOS: 8.2
    • EDR: 2.7

    New Tool Versions

    • THAT: 6.0.0

    Xcitium & OpenEDR Platforms May Release (May 24-25, 2023)

    Xcitium Enterprise & Platform

    New Features

    • A new option is available under Bulk Installation Package and regular Windows enrollment to enroll a device with Managed status into SOCaaP.

    Bug-Fixes

    • Fixed the issue of showing empty components for the EDR events query.

    OpenEDR Platform

    New Features

    • “Refer a Friend” option on the OpenEDR Platform to spread OpenEDR usage.

    Device Management

    New Features

    • Ability to set On/Off Thumbnail section under Profile Settings.

    Appendix

    New Portal Versions

    • Xcitium Enterprise: 4.13.1
    • Xcitium Platform: 3.63.0
    • Endpoint Manager: 8.1
    • OpenEDR Platform: 1.6.0

    Signed Bulk Package Versions

    • Xcitium Communication Client: Latest Stable – 7.3
    • Xcitium Client – Security: Latest Stable – 12.10

    Xcitium Endpoint Manager Hotfix Release – (April 24, 2023)

    Endpoint Manager

    Bug-Fixes

    • Fixed the issue of unexpected Communication Client update, despite the Default Communication Client version being selected as an older version within Profile and Portal settings.

    Appendix

    New Portal Versions

    Endpoint Manager: 8.1

    Xcitium & OpenEDR Platforms April Release (April 12-13, 2023)

    Xcitium Enterprise & Platform

    Improvements

    • Updating the default XCC version for Windows as the Latest Stable version under the Client Settings and Signed/Custom Bulk Installation Package.
    • Updating the predefined protection profile settings for the Windows operating system and renaming them under Default Profiles with a new name as Windows – Initial Deployment Profile and Windows Secure Profile.
    • Removing Xcitium Client – EDR option (already unclickable) on the Bulk Installation Package for MacOS and Linux.
    • Updating the release note link with updates.xcitium.com under Client Settings for Windows sections.
    • Updating predefined profile names with the format “{OS_name} – Secure Profile {portal_version}” (e.g. macOS – Secure Profile v.7.3).

    Bug-Fixes

    • Fixed the issue of default Xcitium branding is not pushed to endpoints.
    • Fixed the issue of the support website link configured within rebranding settings is not applied to the agent.
    • Fixed the issue of the domain format being added incorrectly when starting managed website protection on the Web Security section under Customer Health.

    OpenEDR Platform

    New Features

    • “Refer a Friend” option on the OpenEDR Platform to spread OpenEDR usage.

    Device Management

    New Features

    • Ability to set On/Off Thumbnail section under Profile Settings.

    Appendix

    New Portal Versions

    • Xcitium Enterprise: 4.13.1
    • Xcitium Platform: 3.63.0
    • Endpoint Manager: 8.1
    • OpenEDR Platform: 1.6.0

    Signed Bulk Package Versions

    • Xcitium Communication Client: Latest Stable – 7.3
    • Xcitium Client – Security: Latest Stable – 12.10

    Xcitium & OpenEDR Platforms & Xcitium Communication Client & Xcitium Remote Control March Release (March 22-23, 2023)

    Xcitium Enterprise & Platform

    New Features

    • Ability to define subdomain name while creating an Xcitium account.
    • Ability to limit resource usage of Xcitium Client – Security processes from the portal.
    • Ability to clean up automatic generated HIPS & Firewall rules on the agent via portal.

    Improvements

    • MDR icon on device list turns green when log forwarding setting under profile configuration is enabled.
    • Support for MacOS 13.
    • Improvement in the registration flow to automatically log in without the need for re-login after registration.
    • File Info page to display more detailed file information for firewall events.
    • Updating SIEM UI and menu structure on the Xcitium Platform.
    • Proper ordering of processes in the process tree for Xcitium Client – Security events on the Event Search screen.
    • United States & International phone numbers mentioned in emails.
    • Updated Xcitium Server Status page subscription emails.

    Bug-Fixes

    • Fixed the issue of the version selection for the Xcitium Client – EDR on the update additional packages pop-up not working properly.
    • Fixed the issue of not displaying the data on the dashboard-endpoint widgets unless change the date.
    • Fixed the issue of displaying the wrong logs on the HIPS tab under device list.
    • Fixed the issue of the displaying password prompt when uninstalling XCS with the MSI Uninstall command from the portal.
    • Fixed the issue of showing the action value as “Value not in the list” instead of “Create Process, Unknown DLL loading to process” for the HIPS event on the portal if the process loads unsigned DLL file(s).
    • Fixed the issue of showing incorrect customer information on the customer value under the HIPS Device List.
    • Fixed the issue of not showing information for Acronis data usage on the portal.
    • Fixed the issue of showing overuse seats while Xcitium Advanced Trial license is active.

    OpenEDR Platform

    Bug-Fixes

    • Fixed the issue of being unable to sign-up for OpenEDR with an existing CAM account.

    Xcitium Communication Client

    Improvements

    • Improvement in EDR & Xcitium Client – Security agents communications to more compatible and more consistent event stories by adding an event time and process creation time fields for all available event types, adding parent process for Application Control, Autoruns, Virtual Desktop, and Containment Activity events.

    Device Management

    New Features

    • Ability to see a thumbnail of the end users’ Windows device inside Endpoint Manager.
    • Ability to record the screen/session of Remote Control to your local device.
    • “Curtain” / Blackout mode for Remote Control.
    • Support for Android 13.
    • Support for Android 13 KNOX.
    • Chat functionality added to Agent and Endpoint Manager. This will not be enabled by default, to have this enabled please raise a support ticket requesting its activation.

    Bug-Fixes

    • Closing Remote Control makes a session debug file on the desktop.
    • Procedures run multiple times during a maintenance window due to crashes.

    Appendix

    New Agent Versions

    • Xcitium Enterprise: 4.13.0
    • Xcitium Platform: 3.62.0
    • Endpoint Manager: 8.1
    • OpenEDR Platform: 1.5.0

    New Agent Versions

    • Xcitium Communication Client – Windows: 8.1
    • Xcitium Remote Control – Windows: 8.1
    • Android – Mobile Device Management Client: 8.1

    Xcitium Client Security Windows March Release (March 09, 2023)

    Xcitium Client Security Windows

    Improvements

    • Arrangement of rules for network zones.
    • Adding process creation time field for XCS events under parents tree with millisecond resolution.

    Bug-Fixes

    • Fixed the issue of notification emails are not being delivered to recipients.
    • Fixed the issue of allowing space characters in text fields in Account
    • Fixed the issue of unable to delete local user profiles when XCS is installed.
    • Fixed the issue in client application due to web filtering causing a 1 second http traffic delay and resulting timeout.
    • Fixed the issue of 3D inventor design app extremely slow when XCS is installed.
    • Fixed the issue of firewall alert doesn’t appear if application rule is present but disabled.
    • Fixed the issue of showing HIPS block events for Registry that should not come when XCS is installed and Level 3 profile is applied.
    • Fixed the issue of trusted application start.hta is blocked by Containment.
    • Fixed the issue after installing the EDR agent on Windows Server 2016 causes the device stuck in loading status and cannot be booted.
    • Fixed the issue of uninstalling of binary update cannot completely remove XCS services/drivers if self-protection is enabled.
    • Fixed the issue of self-protection blocks the network bridge creation.
    • Fixed the issue of early launch monitoring logs have parent hash instead of have target hash.
    • Fixed the issue of cavwp.exe crashes.
    • Fixed the issue of macro blocking prevents the MSI uninstallation after binary update.

    Appendix

    New Agent Versions

    • Xcitium Client Security – Windows: 12.14.0.9145

    Xcitium & OpenEDR Platforms & EDR February Release (February 22-23, 2023)

    Xcitium Enterprise & Platform

    New Features

    • Preventing customers who should not have access to see all procedures and allocating permissions for the procedures they can see.

    Improvements

    • Providing a list of devices in which related firewall event is seen.
    • Improvement on the File Rating page by removing pagination to increase search result performance.
    • Improvement to show “Restore all items from quarantine” action in audit logs.
    • Default 7-day filter for the firewall events page
    • More visible Firewall and HIPS Events menu.

    Bug-Fixes

    • Fixed the issue where the shows all data ignoring filtering when exported as CSV even though the data is filtered on HIPS Events page.
    • Fixed the freezing issue in date filters on dashboard.
    • Fixed the showing wrong last detection date issue on HIPS Events page.
    • Fixed the issue of Endpoint Manager doesn’t send Monitor email.
    • Fixed the issue of showing nonsense error message on the Enterprise platform if the user password is expired.
    • Fixed the issue of the XCS firewall blocking edrsvc.exe.

    OpenEDR Platform

    Improvements

    • Adding how-to videos and a Calendly option to book an appointment for Xcitium team to make it easier to enroll devices and deploy EDR.

    Bug-Fixes

    • Fixed the issue of default policy error of OpenEDR accounts with SOCaaP Essentials, SOCaaP Advanced, and SOCaaP Managed licenses.

    Xcitium EDR Agent – Windows

    Improvements

    • Updating EDR MSI installation process as disabling “Custom Script” action.
    • Getting rating with Trusted Vendor List support for EDR agent.

    Bug-Fixes

    • Fixed the issue of unable to edit shared spreadsheets when EDR is installed.
    • Fixed the issue of Virtual Memory Access events not listed on the EDR agent log.

    Appendix

    New Agent Versions

    • Xcitium Enterprise: 4.12.0
    • Xcitium Platform: 3.61.0
    • Endpoint Manager: 7.3.43770.23020
    • OpenEDR Platform: 1.4.0

    New Agent Versions

    • Xcitium EDR Agent – Windows: 2.6.0.58

    Xcitium Enterprise & Platform February Release (February 01-02, 2023)

    Xcitium Enterprise & Platform

    New Features

    • Ability to import their end customers from Datto for MSP account type.

    Improvements

    • Support for Debian 11.x.
    • XCC and XRC Support for Windows 10 22H2.
    • Adding “# of Devices” value to the Firewall Events page.
    • Functionality improvements on the Device List page of HIPS Events (OS icon with status visibility
    • for each device, clickable device name and owner).
    • Updating the MDR “ticket created” email templates as part of the rebranding scope.
    • Rebranded license expiration email.
    • Updating the sender of Xcitium emails.
    • Correcting Alert time on the Alert search page by populating it with event time.
    • Improvement on the event time for XCS events by mapping time fields to millisecond resolution.
    • Updating the year information in the portal and login pages to 2023.

    Bug-Fixes

    • Fixed the issue of notification emails are not being delivered to recipients.
    • Fixed the issue of allowing space characters in text fields in Account Management.
    • Fixed the issue of no results being obtained when the double-quoted field in the event content is added to the query.
    • Fixed the endless search and case sensitivity issues on the SOCaaP customer health search bar.
    • Fixed the menu item not redirecting when clicking Profiles from the Monitors page in Configuration Templates.
    • Fixed the issue of “back to the previous page” items don’t work in the Device List.
    • Fixed the issue of the error message when clicking the “Import from Connectwise” button in SOCaaP.
    • Fixed the issue where the Manage with bulk operation doesn’t work when more than 50 devices are selected in SOCaaP.
    • Fixed the issue of data could not be displayed on the Event Search page when searching for a device name as a sample query.
    • Fixed the issue of when the name of a saved query in the Event Search page is changed and the query is clicked, it is not reflected in the query field.
    • Fixed the issue of the “# Of Devices” filter doesn’t work properly with the value 0 on the HIPS Events page.
    • Fixed the issue of 2FA entry via keypad doesn’t work.
    • Fixed the issue of the see more button on the Hash View page does not work.
    • Fixed the issue of users not getting emails from the Endpoint Manager.
    • Fixed the issue where the Xcitium Enterprise logo and the warning in the top red area would breakas the page size gets smaller on the Xcitium Platform.
    • Fixed the issue of naming the update report on the platform role’s access rights page.
    • Fixed the UI issues on the Role page.

    OpenEDR Platform

    New Features

    • Whitelabeled OpenEDR registration page for partners.

    Appendix

    New Portal Versions

    • Xcitium Enterprise: 4.11.0
    • Xcitium Platform: 3.60.0
    • Endpoint Manager: 7.3
    • OpenEDR Platform: 1.3.0

    Xcitium Enterprise & Platform January Release (January 12, 2023)

    Xcitium Enterprise & Platform

    Improvements

    • XCS Support for Windows 10 22H2.
    • XCC and XRC Support for Windows 11 22H2.
    • Ability to skip users with unsupported characters in their name when performing LDAP sync.
    • Placeholder text update for Staff Email and Password Reset.
    • Adding File Hash data to HIPS events page.
    • Adding ‘Registry’ process to ‘Windows System Applications’ File Group.

    Bug-Fixes

    • Fixed the issue of the customer filter not working on reporting page.
    • Fixed the reporting issue in SOCaaP.
    • Fixed the issue of the alert searching taking a long time and returning an error 502.
    • Fixed the issue of the “Pay Now” and “Upgrade Now” buttons on the Xcitium Platform, redirecting to Xcitium Enterprise instead of Xcitium Platform.
    • Fixed the location issue of the scroll back to the top button on the Enterprise platform.
    • Fixed the issue of incorrect regular expression exclusions for ITSM agent upgrade.
    • Fixed the issue of some errors in login and signup.
    • Fixed the issue of added suppression rules don’t work for new alerts that are created.

    Device Management

    Improvements

    • Available MDR Icon and “Device is not Managed” filter option only for Windows Devices.
    • Updating SOC icon to MDR icon for managed devices.
    • Command logs have been added to Audit Logs while using remote Command Prompt or remote Powershell feature.

    Bug-Fixes

    • Fixed the issue of incorrect filter functioning for the “Device is not Managed” option on the Device List.
    • Fixed the issue of the device group being deleted not properly on the breadcrumb of group management.

    OpenEDR Platform

    New Features

    • Customized OpenEDR registration and login page and onboarding message for MSP customers.
    • Customized OpenEDR registration and login page and onboarding message for MSSP customers.

    Improvements

    • Improved OpenEDR registration page and onboarding pop-up message for Enterprise customers to more customized content.

    Service Status Page

    Improvements

    • Rebranded Xcitium Server Status page.
    • Rebranded Xcitium Server Status page subscription email.

    Appendix

    New Portal Versions

    • Xcitium Enterprise: 4.10.0
    • Xcitium Platform: 3.59.0
    • Endpoint Manager: 7.3
    • OpenEDR Platform: 1.2.0

    New Agent Versions

    • Xcitium EDR Agent – Windows: 2.6.0

    Xcitium Enterprise & Platform December Release (December 29, 2022)

    Xcitium Communication Client for Windows

    New Features

    • Self Protection module is enhanced to provide full protection against unintended access/modification on Xcitium agent processes and services. 
    • Improvement in the naming of restored files. 
    • Improvement in restoring quarantined files without overriding existing original files. 

    Bug-Fixes

    • Fixed the issue of Client Security Agent Autoruns Scan & Monitor doesn’t detect scheduled task items correctly in case embedded code contains two valid paths. 
    • Fixed the issue of incorrect file system path interpretation by the Client Security Agent driver when VHD exists. 

    Appendix

    New Agent Versions

    • Xcitium Client Security: 12.13.0 

    Xcitium Enterprise & Platform December Release (December 21-22, 2022)

    Xcitium Enterprise & Platform

    New Features

    • Supporting Linux distros without GUI on bulk installation and enrollment wizard.
    • Ability to see firewall events on the portal under device details and security menu items.
    • Ability to see HIPS events on the portal under device details and security menu items.
    • Ability to restore all quarantined files from quarantine in one action.
    • Ability to uninstall EDR clients with MSI uninstaller

    Improvements

    • Rebranded Xcitium invoices.
    • Xcitium Forum accounts for newly registered MSP customers.
    • Updating sensor name to be compatible with Xcitium.
    • Improvement on 2FA configuration steps on Xcitium Enterprise.
    • Improvement on filtering of devices with EDR Agent installed.

    Bug-Fixes

    • Fixed the issue of Xcitium Enterprise pages not opening in the Safari browser.
    • Fixed the issue of not showing all data in widgets under Device View and Hash View.
    • Fixed the issue of x-frame-bypass works for the Xcitium Enterprise login page.
    • Fixed the issue of showing the wrong selected aggregation and selected field on the event search
    • page.
    • Fixed the issue of rebranding settings were still applied in the Communication Client agent despite
    • being revoked.
    • Fixed the issue of duplicate entries in the hash view page.
    • Fixed the issue of the file path aggregation results not loading on the event search page.
    • Fixed the issue of not loading the device search page.
    • Fixed the issue of not loading the SOCaaP icons.

    Device Management

    Bug – Fixes

    • Fixed the issue of not showing the device enrollment warning for the MSP account that does not have a device.
    • Fixed the issue of the portal not sending the EDR version 2.5.0.40 to the Windows 11 version 22H2 devices.

    Secure Email Gateway

    Improvements

    • Improvement on the destination route logs to print the IP it is trying to connect when the route is not found or there is a problem with the SMTP connection.

    Bug – Fixes

    • Fixed the issue of email not getting passed to O365.

    Secure Internet Gateway

    Improvements

    • Rebranded domain with Xcitium for Secure Internet Gateway.

    Xcitium Client Security for Linux

    Bug-Fixes

    • Fixed the issue of no file hash value for detected malware on Linux devices.
    • Fixed the issue of XCSL doesn’t allow to use of a Web camera.
    • Fixed the issue of the system hanging after starting the scan during the AV update.

    Xcitium Communication Client for Windows

    New Features

    • Ability to support Windows 11 22H2

    Improvements

    • Rebranded Xcitium Communication Client.

    Xcitium Communication Client for macOS

    New Features

    • Ability to support macOS 13.

    Agent Removal Tool

    Bug-Fixes

    • Fixed the issue of Removal Tool can not delete XCS in Windows.

    Appendix

    New Portal Versions

    • Xcitium Enterprise: 4.9.0
    • Xcitium Platform: 3.58.0
    • Endpoint Manager: 7.3.43724.22120
    • Secure Email Gateway: 1.0.15-20
    • Secure Internet Gateway: 2.14.17

    New Agent Versions

    • Xcitium Client Security – Linux: 2.3.1.556
    • Xcitium Communication Client – Windows: 7.3.44908.22120
    • Xcitium Communication Client – MacOS: 7.3.44849.22120
    • Agent Removal Tool: 3.2.0.82

    OpenEDR Platform Release (December 8, 2022)

    Xcitium OpenEDR Platform

    Improvements

    • Xcitium OpenEDR is now available with the https://openedr.platform.xcitium.com URL

    Bug-Fixes

    • Fixed the issue of the OpenEDR pop-up opening on the Alert Search page on Firefox.

    Appendix

    New Portal Versions

    Xcitium OpenEDR Platform: 1.1.0

    Xcitium Platform Hotfix Release (December 8, 2022)

    Xcitium Enterprise & Platform

    New Features

    • EDR Support for 22H2 build of Windows 10 and Windows 11 starting with EDR 2.5.0 version.

    Bug-Fixes

    • Fixed the issue of the “MDR Force Protect” license doesn’t change the product type of the account on the SOC portal.

    Appendix

    New Portal Versions

    Endpoint Manager: 7.2

    Xcitium Platform October Release (November 23, 24 2022)

    Xcitium Enterprise & Platform

    New Features

    • Showing SOC icon for all windows and Linux devices whether activated or not.
    • Filtering a device according to EDR agent status and unmanaged devices.
    • Password reset feature on Xcitium Enterprise login page.
    • Automatic alert mechanism for L3 support team when unexpectedly high quarantine log count is detected.
    • Support for Ubuntu 22.x.

    Improvements

    • Corrections on Endpoint Security Dashboards description and data presentation time.
    • Updates on staff e-mail verification contents according to Xcitium Design Guide.

    Bug-Fixes

    • Fixed the issue of covering AEP usage for Xcitium Managed License.
    • Fixed the issue of showing alerts belonging to another customer displayed for a specific account.
    • Fixed the issue of showing default logs in data collection network sensor.
    • Fixed the SOCaaP Dashboard not opening the ticket management page of the relevant customer.
    • Fixed the issue of not populating alerts to Xcitium Enterprise application.
    • Fixed the issue of adding agents to managed protection on SOCaaP.

    Device Management

    Bug – Fixes

    • Fixed the issue of false offline monitor triggering.
    • Fixed the issue of being EDR update feature availability for Xcitium Platform and Comodo One applications.
    • Fixed the issue to be unable for installing CCS and EDR on Windows 10 22 H2.

    Secure Email Gateway

    Bug – Fixes

    • Fixed the issue of opening the delivery diagnostic page opening error.
    • Fixed the issue of CAM login with SSO.

    Appendix

    New Portal Versions

    Xcitium Enterprise: 4.8.0 
    Xcitium Platform: 3.57.0 
    Endpoint Manager: 7.2
    Secure Email Gateway: 1.0.15-19

    Xcitium Platform October Release (November 2-3, 2022)

    Xcitium Enterprise & Platform

    Improvements

    • Optimizations for automated emails.
    • Rebranded “Successful Activation and Welcome” email.
    • Update on the logo of Xcitium Enterprise switching to the Xcitium Platform.
    • Improvement on report generation time format to be more understandable.
    • Improvement on infrastructure to enable mapping between system parts.
    • Improved password reset emails to provide more information.
    • Rebranded policy name under report false positive of EDR.
    • Improvement on the footer of Xcitium Enterprise.

    Bug-Fixes

    • Fixed the issue of accessing error of service dashboards.
    • Fixed the issue of the device group and profile relations in automatic mode.
    • Fixed the issue of missing fields in the parser related to FortiGate firewalls.
    • Fixed the issue of Endpoint Manager menu icons to expand & collapse states.
    • Fixed the issue where deleting Client Proxy profile partition resulted in 404 error.
    • Fixed the issue of importing profile XCS config file error.
    • Fixed the issue of “Custom Variables”, “Registry Variables”, “COM Variables”, and “File Groups Variables” being editable despite disabled permission.
    • Fixed the issue of the domain does not change within the scope of rebranding in the classic interface switch.
    • Fixed the issue of missing “.com” value for the destination host event types.
    • Fixed the issue of the “Profile section settings” popup not showing while adding the firewall section.

    Device Management

    New Features

    • Ability to set EDR versions for installation and automatic updating.

    Bug – Fixes

    • Fixed the issue of false offline monitor triggering.
    • Fixed the issue of running scheduled procedures twice and failing with an error.
    • Fixed the issue of not reporting procedure results on EM Portal for scheduled/on-demand procedures.

    Secure Email Gateway

    Bug – Fixes

    • Fixed the issue of the download option for outgoing logs returning an error ‘Unresolved Exception’.

    Appendix

    New Portal Versions

    Xcitium Enterprise: 4.7.0 
    Xcitium Platform: 3.56.0 
    Endpoint Manager: 7.2
    Secure Email Gateway: 1.0.15-18

    New Agent Versions

    Xcitium Communication Client: 7.3.44 

    Xcitium EDR Hotfix Release – (October 17, 2022)

    Xcitium Endpoint Detection and Response

    EDR

    Improvements

    • Ability to enable alert policy from the local file.

    Bug-Fixes

    • Fixed the vulnerability issue in EDR installation path.
    • Fixed the issue of missing script content when the script is executed from the CMD shell.

    Appendix

    New Agent Version

    Xcitium EDR: 2.5.0.40

    Xcitium Platform October Release (October 12-13, 2022)

    Xcitium Enterprise & Platform

    Xcitium Enterprise & Platform

    New Features

    • Enhancement in mapping EDR alerts into MDR events. 
    • Accessing monthly threat reports on Reports section.
    • Sticky filters to improve navigation in device list.

    Improvements

    • NxSensor installation guide pdf file corrections according to Xcitium brand name. 
    • Ability to clear all selected/applied filters by selecting “clear filter icon”. 
    • Improvement on a batch of 10k or above number of events transferring error message. 
    • Improvement on fatal error message handling in the Event Processor. 
    • Improved automated emails to provide more information.

    Bug-Fixes

    • Fixed the issue of EDR managed policy not being deployed properly. 
    • Fixed the issue of Enterprise portal performance issue for the specific customer. 
    • Fixed the issue of null values exception message for hash search. 
    • Fixed the issue of valid session dashboard error. 

    Secure Internet Gateway

    Improvements

    • Setting log export limitation. 

    Bug – Fixes

    • Fixed the issue of checking different policies for the same roaming agents. 
    • Fixed the issue of SIG reporting Windows 11 endpoints as Windows 10. 

    Secure Email Gateway

    Bug – Fixes

    • Fixed the SSO access issue to SEG .  

    Appendix

    New Portal Versions

    Xcitium Enterprise: 4.6.0 
    Xcitium Platform: 3.55.0 
    Endpoint Manager: 7.2.43689.22100
    Secure Email Gateway: 1.0.15-17 
    Secure Internet Gateway: 2.14.16 

    Xcitium Platform September Release (September 21-22, 2022)

    Xcitium Enterprise & Platform

    New Features

    • The second phase of the rebranding of the Comodo Dragon Platform as Xcitium has been completed. 

    Improvements

    • Showing Endpoint Manager events in Alert Search. 
    • Naming convention enhancements for some fields of Alert Policy and Suppression Rules. 
    • EDR event search fields have been improved with new functionalities.   

    Bug-Fixes

    • Fixed unexpected logout issue on Xcitium Enterprise. 
    • Fixed the issue of the selection bar not working properly in account management. 
    • Fixed the issue of not changing file ratings. 
    • Fixed data error not showing in dashboard.  
    • Fixed file hash search not returning results. 
    • Fixed the focus problem on 2FA pages. 
    • Fixed blank Malware detection widgets. 
    • Fixed issue of disappearing save query button on the event search page. 
    • Fixed Xcitium Enterprise and Portal login error. 
    • Fixed the issue of being unable to show Admin Rating after page refresh in hash view. 
    • Fixed the issue of the logo disappearing when changes are being made.
    • Fixed the email notification setting issue. 
    • Fixed the issue of missing metadata field in the write file event. 
    • Fixed the issue of downloading MDR reports in Firefox browser.  

    Cyber Security

    Improvements

    • Added Windows version control for installation and updating Xcitium Client – Security Agent.

    Xcitium Client Security

    New Features

    • Detection of WMI provider auto-runs.
    • Enabled WMI provider registration detection from DLLs.
    • Protection for Xcitium Client – Security Agent’s own processes and assets. 
    • Ability to limit Xcitium Client – Security Agent resource allocation. 
    • Prevented report tool running in containment.
    • Detection for macro script executions.
    • Detection of unsigned DLL’s loaded into the trusted process.
    • Ability to add exceptions for script analysis.

    Improvements

    • Enabled command line visibility on Alert Search.
    • Ability to send actual containment script content to portal.
    • Improved EDR and Xcitium Client – Security Agent communications and compatibility.
    • Performance Optimization and Monitoring.
    • Optimization of user scan interface.

    Bug-Fixes

    • Fixed the issue of Windows Server 2022 not getting responsive with Xcitium Client – Security Agent 12.12 installed.
    • Fixed the issue of Windows Server 2016 not getting responsive with Xcitium Client – Security Agent 12.9 installed.
    • Fixed Windows Application Error event (Registry Lock) with Xcitium Client – Security Agent 12.10 installed.
    • Fixed the issue of firewall driver not running after Windows major upgrade and Xcitium Client Security binary upgrade.
    • Fixed Performance issues/ Higher CPU Utilization by cmdagent.exe.
    • Fixed the issue of Xcitium Client – Security Agent blocking BToE communication with Policom.
    • Fixed the issue of Xcitium Client – Security Agent blocking network share writes.
    • Fixed the issue of Xcitium Client – Security Agent Firewall in Safe Mode blocking outgoing traffic from Trusted EDR service.
    • Fixed the issue of devices not getting responsive while listing Xcitium Client – Security Agent logs. 
    • Fixed updated local verdicts DB errors.
    • Fixed errors for specific firewall & website definitions.
    • Fixed errors for memory leak on firewall driver.
    • Fixed the issue of infected items not automatically cleaned after the full scan is completed.
    • Fixed quarantine issue of loaded malicious DLL when loaded into the process.
    • Fixed the issue of absent Quarantined files in Quarantine.
    • Fixed the issue of Xcitium Client – Security Agent not being able to read file hash.
    • Fixed the issue of an exe file being contained and not logged.

    Device Management & Licensing

    New Features 

    • Ability to show the number of devices associated with the profile in the profile list added.
    • Ability to remote print for Windows.
    • Ability to remote print for Mac.

    SOCaaP

    Bug – Fixes

    • Fixed the issue of removing the specific website from Web Protection.
    • Fixed the report download issue in Safari and Firefox browsers.

    Secure Internet Gateway

    Bug – Fixes

    • Fixed the issue of Top Target Domains, DNS and all statistics not displayed on the console.
    • “Buy a product” link redirection correction

    Secure Email Gateway

    Bug – Fixes

    • Fixed the issue of quarantined emails not delivered to users.

    Appendix

    New Portal Versions

    Xcitium Enterprise: 4.5.0
    Xcitium Platform: 3.54.0
    Endpoint Manager: 7.2
    Xcitium Client Security: 12.12.1
    Xcitium Client Communication: 7.2
    Secure Email Gateway: 1.0.15-16
    Secure Internet Gateway: 2.14.15

    Xcitium Platform August Release (August 25-26, 2022)

    Xcitium Enterprise & Platform

    New Features

    • The first phase of the rebranding of the Comodo Dragon Platform as Xcitium has been completed. 

    Improvements

    • Showing which EDR agent version is supported on Windows operating system versions on the Support page. 
    • Speed improvement on Xcitium Enterprise platform. 

    Bug-Fixes

    • Fixed the issue of report could not be generated. 
    • Fixed the issue of meaningless default network name. 
    • Fixed the company name, contact email, country, state, phone country code, phone, support phone, support email and logo fields in account management API validation problems. 
    • Fixed the issue where a report generation could not create .pdf when the customer’s name has “.com”. 
    • Fixed the sorting error of alert on customer health. 
    • Fixed the issue where the back functionality to previous pages does not work properly. 
    • Fixed the issue of managed alert rules of EDR could not be deployed properly in the EU. 

    Cyber Security

    New Features

    • Adding notification message about firewall module on Windows servers OS in profiles  

    Improvements

    • Filtering mechanism for showing only file(s) that could not be analyzed in Xcitium Verdict Cloud 

    Device Management & Licensing

    New Features 

    • Adaptation to new product offerings. 

    Secure Internet Gateway 

    New Features

    • Secure Internet Gateway has been rebranded as Xcitium. 

    Secure Email Gateway

    New Features

    • Ability to reject or quarantine password protected zip files. 

    Appendix

    New Portal Versions

    Portal: 7.2.0 
    Xcitium Enterprise: 4.4.0 
    Xcitium Platform: 3.53.0
    SOCaaP: 2.3.1 
    Secure Email Gateway: 1.0.15-15 
    Secure Internet Gateway: 2.14.14

    Dragon Platform August Release (August 03-04, 2022)

    Dragon Enterprise & Platform Portals

    New Features

    • Access to containment activity logs of endpoints.
    • Ability to add secret questions right after configuring 2FA.

    Improvements

    • Improved portal UI compatible with Xcitium rebranding. 

    Bug-Fixes

    • Fixed the issue of the event search page does not receive data when the count value is clicked according to the data of a device in the device view page.
    • Fixed the display of different customers’ devices issue for MSP accounts.

    Cyber Security

    New Features

    • Detection of unsigned DLLs loaded into trusted processes. 

    Comodo Client Security

    New Features

    • Enabled WMI provider registration detection from DLLs.
    • Protection for CCS’s own processes and assets.
    • Ability to limit CCS resource allocation.
    • Monitor shared resources and detect suspicious file encryption by ransomware.
    • Detection of WMI provider auto-runs.
    • Ability to add exceptions for script analysis.
    • Detection for macro script executions.

    Improvements

    • Improved EDR and Comodo Client – Security Agent communications and compatibility.
    • Optimization of user scan interface.
    • Preventing run report tool in containment.
    • Ability to send actual containment script content to portal.
    • Performance optimization and monitoring.
    • Saving EDR alerts on MDR as event format.

    Bug-Fixes

    • Fixed updated local verdicts DB errors.
    • Fixed the error that loaded malicious DLL was not quarantined in the ongoing.
    • Fixed the user profile service problem with CCS.
    • Fixed errors for specific firewall & website definitions.
    • Fixed the issue of CIS firewall driver not running after Windows and CCS binary upgrade.
    • Fixed the issue of devices not getting responsive while listing CCS logs.
    • Fixed the issue of Windows Server 2016 not getting responsive with CCS 12.9.0.8649 installed.
    • Fixed the issue of infected items are not auto-cleaned after the full scan is completed.
    • Fixed the issue of winget.exe being contained and not logged.
    • Fixed the higher CPU utilization by cmdagent.exe performance issue.

    Device Management & Licensing

    New Features 

    • Automatic profile and device update once file group variables are updated. 

    Secure Internet Gateway 

    New Features

    • Adaptation to new product offerings. 

    Secure Email Gateway

    New Features

    • Adaptation to new product offerings. 
    • Secure Email Gateway has been rebranded as Xcitium. 

    Bug-Fixes

    • Fixed the issue of detecting the attachments as different types even though they have the MS office extension. 

    Appendix

    New Portal Versions

    Portal: 7.1.42819
    Dragon Enterprise: 4.3.0
    Comodo One: 3.52.0
    SOCaaP: 2.3.0
    Secure Email Gateway: 1.0.15-14
    Secure Internet Gateway: 2.14.13

    New Windows Client Versions 

    Comodo Communication Client: 7.1.43113.22060
    Comodo Client – Security: 12.12.0

    Dragon Platform July Release (July 21-22-25, 2022)

    Dragon Enterprise & Platform Portals

    New Features

    • Comodo is beginning the first phases of our rebranding to Xcitium. 

    Improvements

    • Miscellaneous performance improvements. 
    • Updates on windows profile options. 

    Bug-Fixes

    • Fixed the issue of UI slowness.
    • Fixed the issue of a suppression rule with “File Directory” condition doesn’t work.
    • Fixed the issue of disabled alert rules being triggered.
    • Fixed the issue of reports not being generated.

    Cyber Security

    New Features

    • Comodo Client—Security Agent distribution only for supported Windows operating system versions. 
    • Supported Windows operating system versions in support page.

    Improvement

    • Showing all containment logs by default.
    • Changing Comodo Client – Security Agent update settings to the latest stable version. 

    EDR

    Bug-Fixes

    • Fixed the issue of EDR output logs being visible by default on the endpoint. 
    • Fixed the issue of cmd and powershell process creation events not being detected by EDR agent. 

    Device Management & Licensing

    Improvements 

    • Ability to view uninstallation process and log for CCS uninstallation.
    • Added ability to enroll device to a “Company” instead of a “User”.

    SOCaaP 

    Bug-Fixes 

    • Fixed the issue of O365 integration. 

    Appendix

    New Portal Versions

    Portal: 7.1.22070
    Dragon Enterprise: 4.2.0
    Comodo One/Comodo Dragon: 3.51.0 
    SOCaaP: 2.2.3 

    New Windows Client Versions

    EDR: 2.5.0

    Hotfix for Comodo Managed Detection and Response (July 06, 2022)

    Bugfixes

    • Fixed the issue of agent logs not being shown on Dragon Enterprise if there is no log collection sensor installed.

    Comodo Dragon Platform June Release (June 23-24, 2022)

    Dragon Enterprise & Platform Portals

    New Features

    • Platform white-labeling capabilities for Comodo Partners
    • Support for mapping alert rules to the MITRE ATT&CK framework
    • New script content visibility providing centralized analysis for the content of scripts created by unknown processes
    • New Customer Summary Metrics included in the Managed Security tab

    Improvements 

    • Streamlined Menu Structure
    • File Rating Mechanism & Reporting Mechanism Usability
    • Agent Communications/Compatibility
    • Collapsible Query Panel In SIEM
    • MDR Customer Summary Dashboard
    • Support valid email address across support portal users for MDR Notifications

    Bug-Fixes 

    • Fixed the issue of not changing sub-menu titles when opening another page 

    Security Improvements

    New Features

    • Ability to add/submit/analyze file(s) from the portal
    • Password protection for Comodo Agent Removal Tool

    Improvements 

    • Added details on malware detection email notification 
    • Introduced new sorting capability on Antivirus AV DB Version under Endpoint Security Status section 
    • Ability to view uninstallation process and log for CCS uninstallation
    • Disabling CCS features without reboot

    Bug-Fixes

    • Fixed the issue of not assigned admin rating from Alerts section

    Device Management & Licensing

    New Features

    • Auto-Containment License and Distribution
    • Agent update progress tracking
    • Added supported OS version and platform in the name of agent Installer and Bulk installation package
    • Introduced support for Android 12 KNOX
    • Ability to add notes and tags to devices
    • Export functionality for Vulnerability List inside Vulnerability Management
    • New feature to enable a copy and paste process into the Windows Lock screen during a Comodo Remote Control session
    • Added ability to search inside Comodo Remote Control based on “logged in username”

    Improvements 

    • Improved maintenance window scheduling by allowing end time to be on next day 

    Secure Email Gateway

    Bug-Fixes

    • Fixed the issue of missing Archive functionality during an active trial license
    • Fixed the issue of not properly displaying Chinese characters

    Appendix

    New Portal Versions

    Portal: 7.1.42795.22060
    Dragon Enterprise: 4.1.0
    Comodo One: 3.50.0

    New Windows Client Versions

    Comodo Communication Client (Windows): 7.1.42722.22060
    Comodo Remote Control (Windows): 7.1.42611.22060
    EDR: 2.5.0.25

    New macOS Client Versions

    Comodo Communication Client (MacOS): 7.1.42724.22060
    Comodo Remote Control (MacOS): 7.1.42613.22060

    New Android Client Versions

    Android Mobile Device Management Client (CDN): 7.0.1.1

    New Secure Email Gateway Version

    1.0.15-13

    Hotfix for Comodo Secure Internet Gateway (June 09, 2022)

    Bugfixes

    • Fixed the issue of not assigning any policy to the endpoint when Secure Internet Gateway agent is uninstalled directly from the endpoint and reinstalled. Now, the previously assigned policy is re-assigned.

    Hotfix for Comodo Dragon Enterprise (May 26, 2022)

    Bug-Fixes

    • Fixed the issue of MSP account conversion to Enterprise account after signed up.
    • Fixed the issue of not showing Malware detection in hash widget without changing the filter on the dashboard.

    Hotfix for Comodo Dragon Enterprise (May 25, 2022)

    Bug-Fixes

    • Blank widgets for Malware Detections by Hash, Malware Detections by Endpoint and Alerts by Endpoint in Dashboard issue is fixed.
    • Fixed the issue of Authentication problem at the login page.
    • Issue of absent Event Count and Raw Log Size information in Weekly Reports is fixed.
    • Fixed the issue of incorrect Device List at the EM Portal.

    Hotfix for Comodo Dragon Platform and Comodo Communication Client (May 18, 2022)

    Device Management & Licensing

    New Features

    • Export Functionality for Vulnerability Management

    Export ability will be added for the Vulnerability List and Vulnerable Devices pages to export vulnerability reports as .csv.

    Improvements

    • Bulk Export/Import Functionality for Procedures

    Multiple procedures under the Configuration Templates section will be imported and exported.

    • Showing Last Logged-in User at the Device List Table of Logged in User Column

    From now on, the last logged-in user will be shown on the device list table of the last logged in user column instead of the current logged-in user. The currently logged-in user will be shown as green-colored, also the last logged-in user will be shown as gray-colored.

    • Adding Newly Enrolled Endpoints to Default Group if the Associated Device Group is Deleted

    With this improvement, if the device is enrolled after the associated device group is deleted, the device will be added under the selected Customer -> Default Group. If the customer is also deleted, devices will be added under the Default Customer -> Default Group.

    • Improving Navigation with Breadcrumbs

    Breadcrumbs will be extended for easier navigation.

    Comodo Communication Client

    Bug-Fixes

    • The incorrect service paths for services of Comodo Communication Client 7.0.42010.22030 has been fixed.
    • Fixed the issue of ITSM agent fails to update and it causes broken Comodo Communication Client instance.

    Comodo Endpoint Detection and Response (EDR) Agent for Windows Hotfix Release (April 26, 2022)

    Improvements

    • New Injection Subsystem

    EDR Agent infrastructure is completely renewed. This major enhancement will provide high stability and even faster and more reliable detection & response capabilities.

    Bug-Fixes

    • Fixed the issue of alerts are not occurring even if events occur. The structures The system performance issue after installing EDR has been fixed.
    • Fixed the issue of CPU usage is 100% with EDR installed.

    Comodo Dragon Platform April Release (April 13-14, 2022)

    Dragon Enterprise & Platform Portals

    New Features

    • Editable Policy and Suppression Rules

    From now on, the company-wide alert policy and suppression rules for alerts can be set. So that, new alerts can be defined, and any apps or files can be excluded to prevent generating alerts.

    Improvements

    • Renaming Endpoint Security Sections

    Endpoint Security section under Dragon Enterprise Platform has been entirely renamed with a more comprehensive menu structure. 

    • Dragon Enterprise Availability on Europe Region

    From now on, Dragon Enterprise Platform will be fully available on Europe region. 

    • Full Visibility on all Endpoint Detection and Response Plans

    From now on, all Endpoint Detection and Response plans (including free) will have full visibility instead of unknown visibility. 

    Bug-Fixes

    • Fixed the menu display issue in Dragon Enterprise for Firefox browser. 
    • Fixed the issue of not working File Hash search for EDR alerts on Hash View under Alerts. 
    • Fixed the issue of User Search on the Alert Search page does not work properly. 
    • The issue of Comodo Client Security events are not shown for devices on Investigate page under Event Search has been fixed. 
    • Fixed the issue of Website Protection page is not shown occasionally under the SOCaaP menu. 
    • The issue of displaying the error when searching Alert Related Events on the Event Search page under the Investigate menu has been fixed. 
    • Fixed the issue of EDR events and alerts are absent on the Dragon Enterprise portal. 
    • The Malware Detection Charts not displaying issue on Endpoint Dashboard has been fixed. 
    • Fixed the issue of fields are not shown on the Event Search page.

    Cyber Security

    New Features

    • Adding the Containment Run Virtually New Options in the Default Profile

    From now on, a containment rule in default profiles can be set for “Run Virtually” action to prohibit usage of SMB shared resources and/or not allow access to other processes memory. 

    • Scan Start Date – End Date Addition for Antivirus Device List Export

    When the antivirus device list is exported, the Scan Start Date and Scan End Date are now included. 

    • Sync/Async LVS Lookup Switch

    From now on, LVS Lookup can be configured to be executed synchronously or asynchronously. 

    • Showing Embedded Code Detections on a New Section in Application Control  

    Detected embedded codes are shown on a separate section for easier differentiation from other application detections. Moreover, from now on the content of the detected script can be queried for further analysis.

    Improvements

    • Renaming Security Sub-System Section

    Security Sub-System section under Dragon Platform has been entirely renamed with a more comprehensive menu structure. 

    • Specific Browser Data Paths Addition to Protected Data Folders

    Data folder paths for major web browsers are added under Protected Data Folders section in order to prohibit contained applications to read sensitive browser data. Necessary paths are added for below web browsers:
    – Google Chrome
    – Mozilla Firefox
    – Microsoft Internet Explorer

    • Containment Rule UI Improvements

    From now on, criteria details are also being shown under Containment Rules section. 

    Device Management & Licensing

    New Features

    • Support for Windows Server 2022

    From now on, Dragon Platform completely supports Windows Server 2022.

    • Permission Management for Multiple Roles

    If more than one role is assigned to a user and/or user group, a combination of the permission set of related roles will be considered when determining the permissions of the user/user group.

    • Ability to Skip Security Warning Popup for a Year

    When Comodo Advanced Endpoint Protection is not installed on any endpoint, the security warning popup is being shown, and now users can choose to hide the popup up to one year.

    • Export/Import Functionality for Monitors

    Monitors under the Configuration Templates section will be imported and exported collectively.

    Improvements

    • Redesign of the Device List table layout

    Device List Table layout under “Device Management” and “Group Management” pages are redesigned to be able to show all texts at the columns and distribute columns properly. Icons are combined at OS and name columns in order to gain more space.

    • Rename Procedure Scheduler Option

    When a procedure is added to a profile with a “once” scheduler option, it will be executed once on an endpoint at a selected time. “Never” is renamed as “Once”.

    Bug-Fixes

    • Fixed the issue of the enrollment link not sent.   
    • Fixed the device doesn’t connect to the specified Wi-Fi issue when using the hidden SSID.   
    • The system performance issue with EDR installed has been fixed.   
    • Fixed the issue of Beta reports failing in the US region.   
    • The issue of the “Client security is not installed” filter of is not showing the correct number of unprotected endpoints has been fixed.   
    • Fixed the issue of getting an error when switching back to the master account from the partner portal.   
    • Fixed the issue of incomplete AV exclusions list in case more than 1 profile is associated with macOS device.  
    • Fixed the issue of restricting access from assigning Role but to giving access to create user.  
    • Fixed the issue “users.rbac.manage” permission hiding “Customer” field in “Create User” popup.  

    Secure Email Gateway

    Bug-Fixes

    • Fixed the issue of Secure Email Gateway was unable to block a spoofed email sender. Related to this, the SPF and DKIM tests were not done according to the headers but the email was delivered to the inbox issue has been also fixed.
    • Fixed the email bounce back issue.  
    • Fixed the issue of unable to re-send email from Archive.  
    • Fixed the issue of more than an hour delay in receiving emails.  

    Secure Internet Gateway

    Bug-Fixes

    • Fixed the issue of SIG Platinum is not shown on Store for customers who have only Gold version.  

    Appendix

    New Portal Versions

    Portal: 7.0.42096.22040
    Comodo One: 3.49.0

    New Windows Client Versions

    Comodo Communication Client (Windows): 7.0.42010.22030
    Comodo Remote Control (Windows): 7.0.42001.22030

    New macOS Client Versions

    Comodo Communication Client (MacOS): 7.0.41970.22030
    Comodo Security Client (MacOS): 2.4.4.966
    Comodo Remote Control (MacOS): 7.0.42003.22030

    New Android Client Versions

    Android Mobile Device Management Client (CDN): 7.0.0.10

    New Linux Client Versions

    Comodo Communication Client (Linux): 7.0.41995.22030

    Comodo Dragon Enterprise Hotfix Release (March 4, 2022)

    Bug-Fixes

    • Fixed the issue of alerts are not occurring even if events occur. The structures that handle events and generate alerts have been refactored to scale, and their speed has been increased.

    Comodo Dragon Enterprise Hotfix Release (February 16, 2022)

    Bug-Fixes

    • Fixed the EDR Alerts issue of not appearing in the Alert Panel.

    Comodo Dragon Enterprise Hotfix Release (January 27, 2022)

    Bug-Fixes

    • Fixed the issue of showing blank page periodically on Dragon Enterprise.

    Comodo Secure Email Gateway Hotfix Release (January 25-26, 2022)

    Improvements

    • Performance Improvements

    System performance is greatly enhanced via updating messaging and queue services along with other core components.

    Comodo Dragon Platform January Release (January 19-20, 2022)

    Dragon Enterprise & Platform Portals

    Bug-Fixes

    • Fixed the issue of wrong sub-menu tab appearance in UI. 
    • Fixed the issue of date format inconsistency.

    Cyber Security

    New Features

    • External Device Control for MacOS 

    With this feature, all matched external devices connected to the Mac can be blocked or allowed by partial name / ID.

    Comodo Client Security & EDR

    MacOS

    New Features

    • Support for Apple M1 chipset 

    From now on, Security agent for MacOS is able to run on M1 chipset with all capabilities. For Security agent for MacOS to run properly on M1 chipset, Apple Rosetta application must be installed for once.

    Bug-Fixes

    • Fixed the issue of ‘View Logs’ section crashing when clicking ‘Configuration Changes’ in View Logs Section on MacOS 11.5/12.1
       

    Device Management & Licensing

    New Features

    • Support for Apple M1 chipset 

    From now on, Communication agent for MacOS is able to run on M1 chipset with all capabilities. For Remote Control to run properly on M1 chipset, Apple Rosetta application must be installed for once.

    Bug-Fixes

    • Fixed the issue that “Comodo Client Security Report Issues” would include device duplicates if the device is a member of several device groups.
    • Fixed the issue that the Secure Internet Gateway module is unable to be activated for the Dragon Enterprise portal.
    • The UI issue of clipping the device name information in “Execution Log of Procedures” has been fixed. 

    SOC as a Platform (SOCaaP)

    Bug-Fixes

    • Fixed the issue of not showing failed O365 login events on SOCaaP.   

    Secure Internet Gateway

    Bug-Fixes

    • Fixed typo in the Secure Internet Gateway widget on UI. 

    Appendix

    New Portal Versions

    Portal: 6.44
    Comodo One: 3.48.0 

    New MacOS Client Versions

    Comodo Communication Client (MacOS): 6.44.41333.22010
    Comodo Security Client (MacOS): 2.4.4.965

    Comodo Dragon Platform December Release (December 15-16, 2021)

    Dragon Enterprise & Platform Portals

    New Features

    • SOCaaP in Dragon Enterprise

    SOCaaP is now available in Dragon Enterprise Platform. 

    • MDR and SIEM in Dragon Enterprise

    MDR and SIEM are now reachable through the Dragon Enterprise Platform.

    • MSP account creation ability in Dragon Enterprise

    From now on, customers can register to Dragon Enterprise Platform as an MSP type.

    Improvements

    • Improvements of adding customers within Dragon Enterprise

    From now on, customer management can be done directly on Dragon Enterprise Platform, without the need to switch to Dragon Platform.

    • Staff Users to Initiate Account Provisioning at First Login for Dragon Enterprise

    From now on, any Dragon Platform user can login to Dragon Enterprise Portal and initiate Dragon Enterprise account provisioning.

    • Adding hash fields to event queries

    Hash fields are built for event queries.

    • Per-user time range filter in the dashboard

    In the dashboard, the per-user time range filter will be able to display and treeviews will be able to page.

    • Ability to switch between Dragon Platform and Dragon Enterprise

    From now on, Dragon Enterprise customers will be able to switch between Dragon Enterprise Portal and vice-versa, by clicking the switch button.

    Bug-Fix

    • Fixed the issue of EDR alerts not displaying in the portal
    • Fixed the issue of initiating provision at the first login (uniform login issue between Dragon Platform and Dragon Enterprise

    Cyber Security

    New Features

    • Ability to block SQL script execution via virtualized OSQL and SQLCMD

    SQL script executions via virtualized OSQL and SQLCMD can be detected and blocked.

    Improvements

    • EDR Agent Exclusion in the Default Windows Profile

    EDR exclusion has been added to Windows profiles in order for EDR and Comodo Client – Security agents to work together properly.

    Comodo Client Security & EDR

    Windows

    New Features

    • CLSID monitoring by Autoruns Scan&Monitor feature

    CLSID locations are added to autorun scan&monitor in order to prevent persistent infection.

    • Comodo Client Security Report Tool Improvements

    From now on, the Comodo Client Security Report tool collects many different kinds of data in order to better understand the problematic area(s) whenever an issue occurs. Moreover, EDR logs are now being collected.

    Improvements

    • Filtering traffic events from AV-SCANNER

    Reading file hashes has been improved. Comodo Client Security is now able to read file hash for valid files.

    • Handling replacing files in Autorun

    New autorun handling procedure will be able to start autorun action when executable files added/copied/overwritten to/at location previously registered in autorun defined in registry.

    Bug-Fix

    • Fixed the issue of VPN application is not functioning with Comodo Client Security
    • Fixed the issue where the Comodo Client Security database log size is larger than 100 megabytes
    • Firewall blocking website actions while using VPN issue is fixed
    • Fixed the issue of Comodo Client Security keeps wanting to restart the PC
    • Fixed an issue of Comodo Client Security keeps asking for restart after Containment/Antivirus deactivation, thus also fixed persistent ‘Attention Needed’ status after Containment/Antivirus component disabling and reboot
    • Fixed the issue of the alert of Comodo Client Security stating “Needs Attention”
    • Fixed the issue of permanent Comodo Client Security restart request due to Containment deactivation
    • Fixed the issue with Comodo Client Security “Updated” events in Windows application event log
    • Fixed the issue of Comodo Client Security notifications not showing when custom rebranding applied to Comodo Client Security
    • Fixed the issue of the application could not be started in “Containment” from desktop shortcut while Virtual Desktop session is active
    • The issue of unable to restore a quarantined file from the portal is fixed
    • Fixed the issue of firewall network zones inconsistent behavior
    • Fixed the issue of EDR agent causes Audio service crashes
    • Fixed the issue where EDR agent is blocking the camera, speaker, and microphone

    MacOS

    Bug-Fix

    • Applications freeze problem on MacOS device is fixed
    • Fixed the issue of Comodo Client Security for MAC devices does not refresh infected item list if files were deleted from the system
    • Comodo high memory utilization issues on Mac book are fixed
    • Fixed the performance issues after installing Comodo Client Security for MAC

    Linux

    Bug-Fix

    • Fixed the issue of wildcard (*) does not work for Comodo Client Security for Linux exclusions if it is used inside of a file
    • Fixed the user interface issue of Comodo Client Security for Linux when updating and scanning
    • Fixed the issue of Bluetooth blocked after installing Comodo Client Security for Linux 2.3.1-540

    Device Management & Licensing

    New Features

    • Support for MacOS 12

    Endpoint Manager now fully supports MacOS 12.

    • Support for iOS 15

    Endpoint Manager now fully supports iOS 15 for mobile devices.

    • Support for Android 12

    Endpoint Manager now fully supports Android 12 for mobile devices.

    Improvements

    • One Reboot for Comodo Client – Security and EDR installment

    After both Comodo Client – Security and EDR are installed, only one reboot will be required instead of two reboots.

    • Endpoint Manager Alert Emails Redirecting to Comodo One Login Page for Comodo One Users

    Currently, Endpoint Manager alert emails contain direct Endpoint Manager links to the proper page. If a user is not logged in at that time, the alert emails will redirect Comodo One users to the Comodo One login page and the alert emails will continue to redirect Endpoint Manager users to the Endpoint Manager login page.

    • Comodo Communication Client Synchronization Configuration Settings

    From now on, Comodo Communication Client continues to synchronize configuration settings which can not be changed locally.
    – Baseline mode for Containment
    – Temporary Training mode for HIPS
    – Temporary Training mode for Firewall

    Bug-Fix

    • Wrong popup window (activation instead of uninstallation) appears during Comodo Communication Client uninstallation
    • Endpoint Manager Portal reports incorrect version for MacOS devices with version newer than 10.16
    • Fixed the issue of applying the latest discounts on postpaid invoices
    • Fixed the issue of not showing the correct last EDR agent release date and version on the Endpoint Manager support page
    • Fixed the issue of not disabling baseline mode automatically after it finished when “Enable local user to override profile configuration” option enabled
    • Fixed the issue of incorrect logs displaying when the filter is applied for script procedure logs execution
    • Unable to auto-enroll devices with network discovery issue is fixed
    • Fixed the issue of no data in executive reports after the September release

    SoCaaP (SOC as a Platform)

    New Features

    • Automatic Endpoint Compliancy Report Generation

    SOCaaP customers will be able to download automatically generated Endpoint Compliancy Report from the MDR reporting section for their managed endpoints.

    • Ability to Add Multiple Sensors under one Customer

    From now on, SOCaaP customers will be able to set up multiple sensors for a client so that they can collect events from different networks.

    • Sync Data Button on SOCaaP

    The customers will be able to reach the up-to-date data by the “sync data” button on SOCaaP without the synchronization cycle.

    Bug-Fix

    • Fixed the issue of data inconsistency under Alerts/Escalations and data under Customer Summary section. In addition, from now on, “Incidents” in the last 30 days will be shown everywhere.

    Secure Internet Gateway

    Improvements

    • Adding New Column for Roaming Agent Table

    Secure Internet Gateway portal where devices are listed will have a column last successful connection like Comodo Communication Client has.

    Bug-Fix

    • Fixed the issue of validation about allowing entire domains such as “pub, xyz etc” on Blacklist page

    Secure Email Gateway

    Improvements

    • Additional description for “TLD Domain rule”

    Additional description for “TLD Domain rule” operation in audit logs has been added to know which one suffix worked

    Bug-Fix

    • Fixed the unable to download with containment issue about “Containment service temporarily unavailable” error when trying to open attachment
    • Fixed the issue of sorting by sender returns error for quarantined items
    • Notification email is now branded as Secure Email Gateway and showing containment file extensions

    Appendix

    New Portal Versions

    Portal: 6.43

    New Windows Client Versions

    Comodo Communication Client (Windows): 6.43.41148.21120
    Comodo Client – Security (Windows): 12.10.0.8697
    Comodo Remote Control (Windows): 6.43.41137.21120
    Endpoint Detection and Response: 2.4.0.4

    New MacOS Client Versions

    Comodo Communication Client (MacOS): 6.43.41147.21120
    Comodo Security Client (MacOS): 2.4.4.941
    Comodo Remote Control (MacOS): 6.43.41136.21120

    New Android Client Versions

    Mobile Device Management Client: 6.17.2.7

    New Linux Client Versions

    Comodo Client – Security (Linux): 2.3.1.548

    Comodo Dragon Platform Hotfix Release (November 10, 2021)

    Dragon Enterprise & Platform Portals

    BUG-FIX

    • Fixed the issue of staff verification email being sent in a different language.
    • Fixed the issue of wording typo on Account Security Details section.
    • Fixed the issue of wrong titles on MSP/Enterprise Comparison table.
    • Fixed the issue of incorrect notification when Service Desk is provisioned.

    Device Management & Licensing

    Bug-fix

    • Fixed the issue of Walkme Snippet existing on Patch Management section.
    • Fixed the issue of wording typo on Application Launch section.
    • Fixed the issue of inability to download Communication Client MSI package.
    • Fixed the issue of application rules containing empty entries on Firewall section under predefined profiles.
    • Fixed the issue of inconsistency between initial Endpoint Manager profile and profile created from exported Comodo Client – Security configuration.
    • Fixed the issue of inability to delete folders under Network Management – Monitors section.
    • Fixed the issue of “Last Communication Time” Connectivity Metric is N/A in tickets created for Online Status Monitor.

    Appendix

    New Client Versions

    Comodo – Communication Client (Windows): v6.42.40901.21091

    Comodo Dragon Platform Hotfix Release (October 6, 2021)

    Comodo Client Security & EDR

    Windows

    New Features

    • Operating System Support
      • CCS Support for Windows 11
        Comodo Client – Security now fully supports Windows 11.
    • Breach Prevention Improvements
      • Terminating full process tree after detection
        From now on, when a malicious process is detected, entire process tree can be terminated instead of only termination of the malicious process
      • Block Option for SQL Script Execution via Virtualized OSQL and SQLCMD
        SQL script executions by some applications via OSQL and SQLCMD can now be blocked.
      • Synchronous Local Verdict Server Lookup Option
        From now on, Comodo Client – Security can be configured to use synchronous Local Verdict Server lookup, which will ensure that a file has the most recent rating.
    • CIS Report Tool Improvements
      From now on, CIS Report tool collects much more different kinds of data in order to better understand the problematic area(s) whenever an issue occurs. Moreover, EDR logs are now being collected.
    • Ability to Turn On/Off HIPS and Firewall Application Rules
      HIPS and Firewall rules can now be turned off, which will allow users to temporarily or permanently disable rule(s) without deletion.

    Bug-fix

    • Different behavior for application running inside and outside of Containment (Kryptik not working in containment)
    • Unable to type Chinese symbols in Containment
    • New version of EDR Agent is 2.0, Old version is 2.3 (causes upgrade problem)

    Device Management & Licensing

    Bug-fix

    • C1/Itarian/Dragon must fully re-create the list of discounts during sync with CAM
    • C1/Itarian/Dragon must apply latest discount set
    • RMM agent detects wrong architecture (x86 instead of x64) for 3rd party application
    • EM Dashboard Vulnerability widgets reporting issue
    • Do not send EDR Trial License Expiration Emails
    • EM support page doesn’t show the correct last EDR agent release date and version
    • Patch Compliance percentage bar shows incorrect value in case all patches installed
    • Incorrect grammar in notifications email
    • EDR agent release date is not updated on Dragon Enterprise EM Portal > Support page

    Appendix

    New Portal Versions

    Portal: 6.42.2

    New Windows Client Versions

    Comodo – Security Client (Windows): v12.9.0.8649
    EDR: 2.3.1.201

    Comodo Communication Client for Windows Hotfix Release (September 18, 2021)

    Device Management & Licensing

    Bugfixes

    • Fixed the issue of Containment Baseline being re-activated after Communication Agent upgrade from 6.41.40474.21060 to 6.42.40854.21090

    APPENDIX

    New Client Versions:

    Comodo Communication Client (Windows): 6.42.40901.21091

    Comodo Dragon Platform September Release (September 15-16, 2021)

    Dragon Enterprise & Platform Portals

    Improvements

    • API Tokens should be passed to account admin when related staff is deleted.

    When an API token is generated under a staff, it can be still used even if the staff is deleted. The ownership of the API token is now passed to the account admin user.

    • Events/Alerts Improvements

    File path and file name are shown for EDR Malware events/alerts now. Autorun Ignore type was removed from EDR alerts.

    • UI Improvements

    Brighter colors are used now on the pie chart on the Dragon Enterprise dashboard.

    • Refactoring for Performance and Scalability Issues

    Refactoring has been done for performance and scalability issues.

    Bug-fix

    • Alerts cannot be sent to MDR in some cases

    Cyber Security

    New Features

    • Restart Control Options for CCS
      • Restart control options to Comodo Client – Security uninstallation

    Restart control options are added to Comodo Client – Security Uninstallation wizard.

    Improvements

    • Whitelisting/Blacklisting Improvements
      • Add default HIPS, Containment and Firewall whitelist rules for commonly used apps and actions

    Whitelisting is made easier! From now on, the only thing you will need to do is to add file paths under “Global Whitelist” default file group variable (empty by default) and voila! All necessary exclusions are already in place on several security related components, like Antivirus, Containment, HIPS and Firewall.

    Moreover, additional whitelisting rules for commonly used applications are added on HIPS, Containment and Firewall sections on default profiles. Additional rules are disabled by default, where you can enable them if needed.

    • Extend Predefined Antivirus Exclusions for Improved Performance

    Files related to Windows Update, Windows Security, Windows Group Policies and Windows User Profiles are excluded from Antivirus scans in order to increase performance. Those exclusions are enabled on all predefined profiles.

    Bug-fix

    • Unable to change files rating under Autoruns through portal
    • Pagination is missing for Application Control

    Comodo Client Security & EDR

    Windows

    New Features

    • Operating System Support
      • CCS Support for Windows 11

    Comodo Client – Security now fully supports Windows 11.

    • Breach Prevention Improvements
      • Terminating full process tree after detection

    From now on, when a malicious process is detected, entire process tree can be terminated instead of only termination of the malicious process

    • Block Option for SQL Script Execution via Virtualized OSQL and SQLCMD

    SQL script executions by some applications via OSQL and SQLCMD can now be blocked.

    • Synchronous Local Verdict Server Lookup Option

    From now on, Comodo Client – Security can be configured to use synchronous Local Verdict Server lookup, which will ensure that a file has the most recent rating.

    • CIS Report Tool Improvements

    From now on, CIS Report tool collects much more different kinds of data in order to better understand the problematic area(s) whenever an issue occurs. Moreover, EDR logs are now being collected.

    • Ability to Turn On/Off HIPS and Firewall Application Rules

    HIPS and Firewall rules can now be turned off, which will allow users to temporarily or permanently disable rule(s) without deletion.

    Bug-fix

    • Different behavior for application running inside and outside of Containment (Kryptik not working in containment)
    • Unable to type Chinese symbols in Containment
    • File association problem for MS Office files (EDR Agent)

    Device Management & Licensing

    New Features

    • Latest Stable Agent Versions
      • Latest Stable version option on Agent Update Settings

    We are introducing the “latest stable” version under Agent Update Settings. You will be able to choose “Latest Stable Version” and make sure that agent gets the update only after a newer version is marked as “stable”.

    • Bulk Installation Package Improvements
      • Signed Bulk Package

    From now on, you will be able to download and execute default signed bulk packages, which will prevent Microsoft Windows UAC warning messages when installer is executed. You will still be able to customize your bulk packages according to your needs.

    • Shortened URLs for Bulk Installation Package Links

    Enrollment and bulk package links will be offered in shortened form in order to increase usability and distribution.

    • Export Functionality for Global Software Inventory

    Global Software Inventory can be exported to csv.

    • Android MDM Report

    Android MDM report can be generated under the reports section, including much information regarding your Android devices.

    • Multiple Sessions to Same Endpoint

    Remote Control now supports multiple sessions to be opened to the same endpoint at the same time. This way, you will be able to take control of the same endpoint from different machines simultaneously.

    • Customer selection dropdown list on Change Owner popup menu

    Customer selection dropdown list is added to Change Owner popup menu

    • Sending a single invoice to partners including all usages of their clients

    From now on, single invoice will be sent to partners including all usages of their clients

    Improvements

    • Portal Auto-Reactivation
      • Automatic restore of Endpoint Manager portal from On Hold state due to inactivity when user logs in

    Endpoint Manager now automatically restarts account restoration process when an account is on hold because of inactivity.

    • “Service Availability Check” procedures links under Comodo Client – Security  install page and on Device List

    From now on, you will be able to check our firewall requirements for before you install Comodo Client – Security

    • Missing Available Comodo AEP Seat Warning

    While you are deploying Comodo Client – Security agent to your endpoints, there will be a warning message shown if you don’t have enough Comodo AEP seats, indicating that the system will switch to postpaid for overuses.

    Bug-fix

    • Acronis Payment issue
    • Unable to enroll a user for AEP on MacOS
    • Unable change owner for bulk with 20 devices. Server error 502.
    • Certificate issue with macOS installation packages – packages can be installed ONLY after manual approval by end-user
    • Third-Party app scan is not being finished
    • Bug allowing to install CCS on Linux and macOS endpoints despite “Comodo Client – Security” extension is disabled
    • 3rd party patch operations occur for declined apps
    • Companies are not populated within Beta reports
    • Not Sending EDR Trial License Expiration Emails
    • Malware Status table contains incorrect data in Executive Windows Antivirus Report
    • EM sends New Infection Detected alert for the same item every time the item reported from the device
    • Bulk installation package is blocked on Windows 10 21H1
    • A search for Vulnerability CVE-2021-34527 in comodo showed no results
    • A license key should not be used on multiple portals

    Secure Internet Gateway

    Bug-fix

    • Unable to access two public domains with SIG agent installed
    • Turkish websites cannot be categorized on CWF

    Secure Email Gateway

    Bug-fix

    • Unable to access SEG Enterprise from C1 portal
    • LDAP filtering issue
    • Missing Emails with no classification

    APPENDIX

    New Client Versions:   

    Windows Communication Client : 6.42.40854.21090

    Windows Comodo Client – Security: v12.8.1.8597 (previous)

    Windows Remote Control :6.41.40231.21060

    Windows Endpoint Detection and Response Client: 2.3.1.200

    macOS Communication Client: 6.42.40864.21090

    macOS Comodo Client – Security : 2.4.4.897 (previous)

    macOS Remote Control: 6.42.40804.21090

    iOS Mobile Device Management Client : 1.3.0 (previous) 

    Android Mobile Device Management Client: 6.17.1.5 (previous)

    Linux Communication Client: 6.38.39165.20090 (previous)

    Linux Comodo Client – Security: 2.3.1.540 (previous)



    Comodo Dragon Platform Hotfix Release (July 9, 2021)

    Endpoint Manager

    Endpoint Manager Core

    Bugfixes

    • Fixed the issue of inability to update Comodo Client – Security to any higher available version when the default version is set to the version installed on an endpoint.
    • Fixed the issue of Comodo Client – Security unintended automatic update and cause unplanned restart on Windows Server 2008 R2.

    Comodo Client – Security

    Bugfixes

    • Fixed the issue of Excel.exe, Sharex.exe being crashed with latest Comodo Client – Security version 12.8.0.8595
    • Fixed the issue of getting BSOD after uninstalling latest Comodo Client – Security version 12.8.0.8595 on devices running Windows 10 20H2

    APPENDIX

    New Portal Versions:  

    Endpoint Manager Portal: v 6.41.1 

    New Client Versions:   

    Windows Comodo Client – Security: v 12.8.1.8597

    Comodo Dragon Platform June Release (June 16-17, 2021)

    Endpoint Manager

    Endpoint Manager Core

    New Features

    • Android 11 KNOX is now fully supported on Endpoint Manager.
    • Ubuntu 21.04 is now fully supported on Endpoint Manager.
    • Pricing model description is added to Bill Forecast page.

    Improvements

    • Google Chrome and Galaxy Store can be managed over Mobile Applications List.

    Bug Fixes

    • Fixed the issue of inability to uninstall apps from software inventory.
    • Fixed the issue of Comodo Client – Security logs are missing on Endpoint Manager Portal.
    • Fixed the issue of the operating system name not being displayed for Android devices on device list export.

    Security

    Improvements

    • HIPS option “Create rules for safe applications” is disabled by default for all predefined Endpoint Manager profiles.
    • Web Filtering configurations are excluded on profile processing.
    • Block Malicious files rule is added to Containment baseline mode.

    Bugfixes

    • Fixed the issue of inability to change file rating under Autoruns through Endpoint Manager Portal.

    Data Loss Prevention  

    • Turkish Nationality ID Number is added as a predefined pattern.

    Remote Monitoring and Management

    Bug Fixes

    • Fixed the issue of the procedure failed due to unknown reasons just after it was started.

    Patch Management

    Bug Fixes

    • Fixed the issue of inability to Uninstall Cumulative updates (KB5000802).

    Remote Control

    New Features

    • Ability to connect to different devices via RC for users connected to the RDS server who use RC at the same time

    Remote Control now supports multiple users who are connected to the RDS server to connect to different endpoints at the same time using Remote Control

    Bug Fixes

    • Fixed the issue of accented characters not typed as expected on target device via RC connection.

    Comodo Client Security 

    Windows

    New Features

    • Infrastructural changes have been made in order to move embedded code detection logs to another tab in Application Control with the ability to query content of the script on demand.

    Bugfixes

    • Fixed the issue of Comodo Client – Security agent does not detect embedded code in autoruns if interpreter is renamed
    • Fixed the issue of Comodo Client – Security full scan is aborted after ~10 minutes.
    • Fixed the issue of incorrect process name is added to the registry by Comodo Client – Security.
    • Fixed the issue of Web Filtering blocking wrong applications.
    • Fixed the issue of cavwp.exe crashing on Terminal Server 2008R2 with the latest Comodo Client – Security 12.0.0.7959.
    • Fixed the issue of the keyboard not working after CCS uninstallation.
    • Fixed the issue of Comodo Client -Security v.12.7.1.8539 Causing Bugcheck 0xCA on Windows Server 2019.
    • Fixed the issue of Comodo Client – Security v.12.6 diagnostic is failing with errors.

    Data Loss Prevention:

    • Refresh Capability while Discovery Scan 

    Ability to refresh Discovery Scan list while a scan is in progress.

    • Removable Storage Rule Enhancements

    Capabilities of removable storage detection is extended with below removable storage types:

    • External HDDs /SSDs 
    • Optical Devices (CD/DVD) 
    • SD, Micro SD Cards, SDXC-SDHC cards 
    • eSata removable drives 
    • FireWire connected devices 
    • Devices using MTP protocol

    Portal

    New Features

    • Account Security Improvements
      • User can change the option for 2FA between Authenticator and SMS Code.
      • Answers for the security questions is now only showing the initial character and the others are hidden.
      • Ability to define periods to enforce password change.
    • Dragon Platform is now offering SIEM by default
      • You can now fully benefit from 100% integrated Comodo SIEM within Dragon Platform 

    Bugfixes

    • Fixed the issue of invalid request error on https://status.itarian.com, https://status.one.comodo.com and https://status.platform.comodo.com at page load.

    APPENDIX

    New Client Versions:   

    Windows Communication Client : 6.41.40474.21060

    Windows Comodo Client – Security:v12.8.0.8595

    Windows Remote Control :6.41.40231.21060

    Endpoint Detection and Response: 2.3.0.195 (previous)

    macOS Communication Client: 6.41.40230.21060

    macOS Comodo Client – Security : 2.4.4.897 (previous)

    macOS Remote Control: 6.41.40232.21060

    iOS Mobile Device Management Client : 1.3.0 (previous) 

    Android Mobile Device Management Client: 6.17.1.5

    Linux Communication Client: 6.38.39165.20090 (previous)

    Linux Comodo Client – Security: 2.3.1.540 (previous)

    Comodo Dragon Platform Hotfix Release (May 12, 2021)

    Endpoint Manager

    Endpoint Manager Core

    Bugfixes

    • Fixed the issue of 502 Bad Gateway while opening Application Control.
    • Fixed the issue of Windows applications are not sorted by versions in Windows Application Store.
    • Added label “up to Android 10” label for Phone number and IMEI number fields in Device summary for Android devices running Android 11 as it is not possible to fetch phone number and IMEI number due to additional restrictions introduced with Android 11.

    Remote Monitoring and Management

    Bugfixes

    • Fixed the issue of “Run as Local System User” in procedure execution parameter is reset to default value after choosing the procedure.

    Portal

    Bugfixes

    • Fixed the issue of Acronis Subscription can not be renewed (rare case).

    Comodo Dragon Platform March Release (March 17-18, 2021)

    Endpoint Manager

    Endpoint Manager Core

    New Features

    • Remove focus from “Reboot Now” button

    Ability to remove the keyboard focus from the “Reboot Now” button. After this feature, even if the users accidentally presses the any key from their keyboard, the endpoint will not rebooted. Users needs to select and apply the reboots options.

    • Add *msedge.exe to Web Browsers file group

    Ability to have the new Microsoft Edge Browser variable on the “File Group Variables” page. After this feature, the users will be able to use the new Microsoft Edge Browser variable according to their needs as well.

    • Support for MacOS 11

    Endpoint Manager now fully supports devices running MacOS 11 operating systems. You will be able to use all functionality of ITarian Communication Agent and Comodo Client Security for this MacOS distribution.

    • Support for Android 11

    Endpoint Manager now fully supports mobile devices running Android 11operating systems. 

    Bug Fixes

    • Fixed the issue of Android MDM application non-persistent behavior.
    • Fixed the issue of the same files not being detected on multiple servers.
    • Fixed the issue of inability to clone profiles with the Maintenance Window section.
    • Fixed the issue of inability to export device list in CSV using Firefox.
    • Fixed the issue of scheduled procedures not running during the maintenance window.
    • Fixed the issue of Communication Agent uninstallation failure.
    • Fixed the issue of deleted companies populating on the Customer Selection section  in Beta Reports.

    Security

    New Features

    • Virtual desktop to support Ability to set timeout for inactive session termination

    Ability  to auto-pause the Virtual Desktop session if the session is not activated in the given time period.

    Data Loss Prevention  

    • Screenshot Rule

    Ability to restrict their users to take screenshots and log the performed actions according to their preferences.

    Remote Monitoring and Management

    New Features

    • New Custom script monitoring triggering methods

    Ability to have a new monitor triggering method that generates alert while the conditions are changed even when the monitor is ‘ON’ state. After this feature, the users will be able to use this triggering method for getting alerts while their monitor is still on ‘ON’ state.

    Bug Fixes

    • Fixed the issue of scheduled procedures on the first or last day of a month being executed daily.

    Patch Management

    Bug Fixes

    • Fixed the issue of scheduled OS patch management tasks are not executed according to the schedule.

    Comodo Client Security

    Windows

    New Features

    • Virtual desktop password and disclaimer options to be not modifiable by user

    Ability to disable VDI password and disclaimer options when “Allow user to override Virtual Desktop settings” setting is enabled on portal.

    Improvements

    • Realtime file check handling

    Realtime file rating operations are improved to prevent Trusted files from being rated as “Unrecognized”

    Bugfixes

    • Fixed the issue of Comodo Client – Security agent detecting scheduled tasks as unrecognized if environment variables are used within task options for running Trusted Applications.
    • Fixed the issue of infected items not auto cleaned after full scan is completed.
    • Fixed the issue of AV Database update not running every hour by scheduler.
    • Fixed the issue of Comodo Client – Security causing crashes on other applications when a third party DLP solution is installed.

    Data Loss Prevention

    • Database Discovery Rules

    Ability to create “dynamic” keywords which are automatically updated with each database search. 

    • Discovery Scheduling

    Ability to configure schedule for Discovery rules.

    • Additional Predefined Patterns

    Additional Predefined pattern implemented on CCS .List is as below:

    • Turkish Nationality ID Number 
    • Credit Card Track Numbers
    • Encrypted Archive 
    • Encrypted Document 
    • Source Code (C,C++,C#,PHP etc.)

    BugFIxes

    • Fixed the issue of DLP not recognizing credit card numbers properly.

    Portal

    New Feature

    • Adding company information into PDF Invoice

    Ability to include company VAT information to the invoices. After this feature, the users will be able to review and use invoices with VAT information according to their needs.

    APPENDIX  

    New Client Versions:   

    Windows Communication Client : 6.40.40080.21030

    Windows Comodo Client – Security:12.7.0.8527

    Windows Remote Control :6.37.38738.20070 

    Endpoint Detection and Response: 2.3.0.195 

    macOS Communication Client: 6.40.40078.21030

    macOS Comodo Client – Security : 2.4.4.897

    macOS Remote Control: 6.37.38735.20070

    iOS Mobile Device Management Client : 1.3.0 

    Android Mobile Device Management Client: 6.17.0.9

    Linux Communication Client: 6.38.39165.20090 

    Linux Comodo Client – Security: 2.3.1.540

    Comodo Dragon Platform December Release (December 16-17, 2020)

    Endpoint Manager

    Endpoint Manager Core

    New Features

    • Support for Red Hat Enterprise Linux Server 8.х x64 (with GUI)

    Endpoint Manager now fully supports devices running Red Hat Enterprise Linux Server 8.х x64 (with GUI) operating systems. You will be able to use all functionality of ITarian Communication Agent and Comodo Client Security for this Unix distribution.

    • Wake-on-LAN

    With this feature, you will be able to start up your endpoints remotely, directly from Endpoint Manager console.

    • Addition of Profile(s) applied on Endpoints on Device List CSV Export

    All profiles that are associated with your endpoints will be listed as a separate column on Device List CSV export.

    • Addition of Group Information of Endpoints on Device List CSV Export

    All groups that your endpoints belong to will be listed as a separate column on Device List CSV Export.

    • Access Scope Management Improvements for Multiple Roles

    From now on, users will have all the permissions given on access scopes when they are assigned to multiple roles

    Bug Fixes

    • Fixed the issue that “Subject contains probe device name instead of monitored device name in email notification sent from portal”
    • Fixed the issue of removing beta tag from remote tools for everyone
    • Fixed the issue of hiding Remote Control with old RMM in C1 frame.
    • Fixed the issue of the working save button of the profiles.
    • Fixed the issue that “CCC does not report Autorun items to portal”
    • Fixed the issue of that “ITSM Service terminations and crashes on Windows 7 device with Endpoint Manaer 6.38 agent installed”
    • Fixed the issue of showing the active components in the group management.
    • Fixed the issue that “https://download.comodo.com/av/updates58.torrent” is not updated on Production environment”

    Security

    New Features

    • “Follow the link to see details” in “New Infection Detected!” alert should lead to Current Malware List filtered by device name.

    The aim of this feature is to be able to be redirected to the filtered ‘Device List’ page and review only the affected devices. After this feature, the users will be able to click to the “Follow the link to see details” hyperlink and review the filtered ‘Device List’ grid according to the related devices.

    Data Loss Prevention  

    • Status Column for invalid DLP Rules

    The aim of this feature is to be able to review the status of the DLP rules. After this feature, the users will be able to know the DLP rules are valid or invalid to use and get the expected results.

    Patch Management

    Improvements

    • Updates on CVE Lists to Cover Vulnerabilities after 2020

    Reporting

    • Improvement of Executive Summary Report 

    The aim of this feature is to have the improved version of the Executive Summary Report.After this feature, the users will be able to see more detailed information.

    Bug Fixes

    • Fixed the issue that “Generated Hardware Inventory reports duplicate heading “
    • Fixed the issue that “Executive summary report is created with wrong counters”
    • Fixed the issue that “Executive ticket summary report came out empty.”

    Portal

    New Features

    • Changes on Automatic Forum Registration for MSP Accounts

    From now on, newly registered MSPs will receive verification and password set email for their automatic forum registrations.

    Bug Fixes

    • Fixed the issue of accessing the store in Comodo/ITarian while different portal languages are used.
    • Fixed the issue of applying autofocus on 2FA code pages.
    • Fixed the issue of sending excess postpaid bills to Endpoint Manager.
    • Fixed the issue that “Invalid date error during 2FA configured”
    • Fixed the issue that “Account creation issue for free product.”

    APPENDIX

    New Client Versions:

    Windows Communication Client: 6.39.39660.20120

    Windows Comodo Client – Security: 12.5.0.8351

    Windows Remote Control: 6.37.38738.20070

    Endpoint Detection and Response: 2.3.0.195

    macOS Communication Client: 6.38.39211.20090

    macOS Comodo Client – Security : 2.4.4.865

    macOS Remote Control: 6.37.38735.20070

    iOS Mobile Device Management Client: 1.3.0

    Android Mobile Device Management Client: 6.16.0.12

    Linux Communication Client: 6.38.39165.20090

    Linux Comodo Client – Security: 2.3.1.540

    Comodo Dragon Platform September Release (September 23-24, 2020)

    Endpoint Manager

    Endpoint Manager Core

    New Features

    • Support for Centos 8.x 

    Endpoint Manager now fully supports devices running CentOS 8.x operating systems. You will be able to use all functionality of ITarian Communication Agent and Comodo Client Security for Linux. 

    • Support for Ubuntu 20.x  

    Endpoint Manager now fully supports devices running Ubuntu 20.x operating systems. You will be able to use all functionality of ITarian Communication Agent and Comodo Client Security for Linux. 

    • Support for Debian 9.x-10.x

    Endpoint Manager now fully supports devices running Debian 9.x-10.x operating systems. You will be able to use all functionality of ITarian Communication Agent and Comodo Client Security for Linux.

    Bug Fixes

    • Fixed the issue of ITSMService memory usage grows and the system goes offline on the portal.
    • Fixed the issue of delay in the device list search portal freezes during search.
    • Fixed the issue of free CAVM included in postpaid bills on Endpoint Manager portal.
    • Fixed the issue of not being able to use Chinese characters when adding new items to File Groups Variables.
    • Fixed the issue of wrong translations on Korean language.
    • Fixed the issue of not being able to turn on 2FA on EM portal.
    • Fixed the issue of Communication Client and Comodo – Client Security auto updates..
    • Fixed the issue of incorrect timings format in Remote Control Audit Logs report exported to CSV.
    • Fixed the issue of ITSMService being terminated unexpectedly.

    Security

    New Features

    • Separate full/quick scans from the custom (unrecognized) scan type\ when reporting AV scan status: The aim of this feature is to be able to see the given names of the Custom Scans on the Antivirus page. After this feature, the users will be able to see the custom name of the scan and search by the custom name. 

    Here is the wiki of this feature.

    Data Loss Prevention  

    Role Management Update for DLP

    The aim of this feature is to have a new page named “Data Protection Templates”. After this feature, the users will be able to review the ‘Patterns’ and ‘Static Keywords’ sections (that are located under the “System Templates” page).

    Here is the wiki of this feature.

    Improvements

    Security Dashboards, Refactor Audit logs: Old/New values for Containment section

    Bug Fixes

    • Fixed the issue of “Device List shows Android devices with outdated AV DB”
    • Fixed the issue of “Security Sub-Systems events are not updated on US instance”
    • Fixed the issue of Device tree filter not being applied when navigating between tabs in Security Dashboard
    • Fixed the issue of Error 403 on the “File List” page under Device details when permission “security.application-control” is disabled.
    • Fixed the issue of Error 403 on Antivirus page under Device details when permission “security.actions.change-rating” is disabled.

    Remote Monitoring and Management

    Bug Fixes

    • Fixed the issue of not being able to add URL conditions for Web pages under Monitors.

    Patch Management

    Bug Fixes

    • Fixed the issue of RMMService.exe being crashed constantly during patch scan operation.
    • Fixed the issue of RMMService.exe application crashing during scan missed patches with latest ITSM agent 6.37.38821.20070 installed.

    Reporting

    Bug Fixes

    • Fixed the issue about “Executive managed Devices and Executive Windows Antivirus report structure”
    • Fixed the issue of “No data of reports in ticket report”

    Comodo Client Security 

    Windows

    New Features

    • User Access Rights Verification added to Advanced Settings User Interface menu. “Comodo Dialog and Windows UAC” access types added. Users should prove access rights. 

    Here is the wiki of this feature.

    Data Loss Prevention:  

    Document Type Improvements for Discovery Rules:

    • Support different Unicode format text
    • Support DOCX format
    • Support HTML format

    Pattern Type Improvements for Discovery Rules:

    • Create “plain regex” basic pattern
    • Additional Predefined Patterns – Turkish Nationality ID Number
    • Additional Predefined Patterns – Credit Card Track Numbers
    • Additional Predefined Patterns – Source Code (C,C++,C#,PHP etc.)

    Linux

    New Features

    • Support for Ubuntu 20.4, Debian 9, Debian 10

    Client Security for Linux now fully supports devices running Ubuntu 20.4, Debian 9, Debian 10 operating systems. 

    Portal

    Bug Fixes

    • Fixed the issue of “Secure Email Gateway C1 Portal Integration Issues”
    • Fixed the issue of “SEG License Expire date is Different on C1 than CAM”
    • Fixed the issue of “There is no ticket when SLA expiring alert is seeing”

    Service Desk

    New Features

    • Setting Ticket Category screen, Sub-Category field is sorted alphabetically 
    • Disabling the “Is Billable” option under the Add Work Time in Service Desk
    • Adding new languages on SD side to support on portal  
      • Arabic
      • Chinese (Taiwan)
      • Polish
      • Romanian
      • Spanish
      • Korean

    APPENDIX  

    New Client Versions:   

    Windows Communication Client :  6.38.39085.20090

    Windows Comodo Client – Security: 12.5.0.8351

    Windows Remote Control :6.37.38738.20070

    Endpoint Detection and Response: 2.3.0.195 

    macOS Communication Client: 6.37.38604.20070

    macOS Comodo Client – Security : 2.4.4.851

    macOS Remote Control: 6.37.38735.20070

    iOS Mobile Device Management Client : 1.3.0 

    Android Mobile Device Management Client: 6.16.0.12

    Linux Communication Client: 6.28.26228.19060

    Linux Comodo Client – Security: 2.2.1.501

    Comodo Dragon Platform Hotfix Release (September 08, 2020)

    Endpoint Manager
    New Features

    • Endpoint Manager now fully supports below Linux operating systems:
      • Ubuntu 20.04
      • Debian 9.x
      • Debian 10.x

    Bug Fixes

    • Fixed the issue of invoice email showing wrong information about discounts.
    • Fixed the issue of inability to turn off Two-Factor-Authentication for Endpoint Manager users.
    • Fixed the issue of removed devices being still visible in device list with the name “Device removed”.
    • Fixed the issue of not being able to reset Two-Factor-Authentication token for users with the Administrator role.

    Dragon Portal
    Bug Fixes

    • Fixed the issue of Secure Email Gateway license expiration.
    • Fixed the issue of SSO failure in Mozilla Firefox when the option “Open licensed application on new tab” is enabled on “Settings” section.
    • Fixed the issue of Acronis Backup SSO failure.
    • Fixed the issue of below products not being shown on “Applications” menu for existing users.
      • EDR
      • Secure Web Gateway
      • Data Loss Prevention

    New Client Versions:
    Communication Client – Linux: 6.38.39165.20090
    Comodo Client – Security – Linux: 2.3.1.538



    Comodo Dragon Platform July Release (July 15-16, 2020)

    Endpoint Manager

    Endpoint Manager Core

    New Features

    ●     Payment Notification Differentiation According to Roles

    From now on, only users with administrator roles will see notifications about payment issues. Users with a “User” role will not see any notifications about invoices or payment.

     ●     User Action Logs

    All user actions will be listed on the “Audit Logs” page.

    • Create New User
    • Send Password Recovery Email
    • User Rename
    • User Import
    • User Delete
    • Create New User Group
    • User Group Rename
    • User Group Delete
    • Add Users to Group
    • Remove Users to Group
    • Export to CSV (User List)
    • Export to CSV (User Group List)

    Here is the wiki of this feature.

     ●     Wi-Fi Network Restriction for iOS Devices

    iOS devices can be forced to use only allowed Wi-Fi networks.

    Here is the wiki of this feature.

    Bug Fixes

    • Fixed the issue of ITSMService.exe not starting automatically after endpoint running Windows 7 gets restarted.
    • Fixed the issue of the filtering company/group not working in the “Global Software Inventory” section.

    Security

    New Features

    ●     Ability to change VD Background – (Windows profile (CCS rebranding): Ability to change VD Background)

    Here is the wiki of this feature.

    ●     Access Scope Role shows Containment items from Other companies: Containment logs page: Implement Device Tree

    Here is the wiki of this feature.

    Bug Fixes

    • Fixed the issue of device tree filters being reset when navigating between tabs in the “Security Dashboard” section.

    Remote Monitoring and Management

    New Features

    ●     Disk Monitors

    Disk monitoring functionalities are extended with the below conditions:

    ●     Disk Utilization

    ●     Free space left on any disk

    Here is the wiki of this feature.

    Bug Fixes

    • Fixed the issue of a predefined script procedure named as “Uninstall and reinstall Communication Client” is outdated and not working as expected.

    Patch Management

    New Features

    ●     Windows Third-Party Application Patching Support Improvements

    Windows Third Party Patch Management system now also checks the applications installed in “C:\Users\{user}\AppData\” folder in addition to “C:\Program Files\”. From now on, you will be able to find and manage more third-party patches for your devices.

    ●     Vulnerability Management Widgets in Dashboard

    We introduce 2 new dashboard widgets for Common Vulnerabilities and Exposures. From now on, you will be able track vulnerabilities from the Dashboard->Compliance page.

    ●     Top 5 Vulnerable Devices by Vulnerability Count

    ●     Top 5 Vulnerabilities by Device Count

    ●     Endpoint Patching Status Widget in Dashboard

    We now have the Endpoint Patching Status Widget added under Dashboard->Compliance. You will be able to easily track operating system patching statuses for your devices from this widget. 

    Remote Control 

    Bug Fixes

    • Fixed the issue of ‘’able to remote into servers where RC is turned off’’
    • Fixed the issue of ‘’mouse pointer is not visible when try to perform remote control’’

    Portal

    Bug Fixes

    • Fixed the issue of ‘’automatic redirection to SD doesn’t work during login into Portal in different browser’’
    • Fixed the issue of ‘’showing price in invoice emails is not correct.’’

    Comodo Client Security  Windows

    New Features

    ●     Ability to change background in Virtual Desktop.

    Here is the wiki of this feature.

    ●     CisCleanupTool improvements

    Here is the wiki of this feature.

    ●     Support PreVolumeMount event in scope of Device Control and Auto Scan features

    ●     FS Virtualization Unit – Testing

    Data Loss Prevention:  

    • HTML export for all Log tables present in the Logs View.

    Vulnerability Fixes

    ●     Update Quarantine and Delete File Flow for AV signature detection

    Bug Fixes

    ●     CCS performance issues – slow UI and slow scan speeds

    Comodo Dragon Platform June Release (June 3-4, 2020)

    Endpoint Manager

    Endpoint Manager Core

    New Features

    • Ability to enforce passwords change every X days example 90 days

    From now on, administrators will be able to define password expiration period for Endpoint Manager users. With this feature, the Endpoint Manager users will be forced to change their password after password expiry period is over, just like ITarian users.

    Here is the wiki of this feature.

    • Support for Android 10 KNOX

    From now on, we are supporting devices having Android 10 KNOX operating systems.

    Bug Fixes

    • Fixed the issue of procedure not being skipped when maintenance window is in off state and option “Skip devices warned by maintenance window settings” enabled.
    • Fixed the issue of the unresponsive “Delete” button in Procedures section.
    • Fixed the issue of incorrect language on device enrollment wizard.
    • Fixed the issue of procedures being executed on all companies even if a certain company is chosen.
    • Fixed the issue of wrong search result appearing for Device Group field in Bulk Installation Package section.
    • Fixed the issue of inability to add host value in firewall rule if hostname includes numbers.
    • Fixed the issue of inability to generate quarantine report.
    • Fixed the issue of remote control not being loaded from Service Desk.
    • Fixed the issue of inability to save Antivirus section within existing profile.
    • Fixed the issue of “Old device only” filter showing incorrect results in Device List.
    • Fixed the issue of absence of “SubmitTicket” option inside Endpoint Manager agent for several devices after latest release.

    Security

    New Features

    • Ability to Hide/Unhide and “Show Hidden Event(s)” options will be added to Containment from Portal.

    Here is the wiki of this feature.

    Data Loss Prevention  

    • DLP Monitoring rules were moved to be able to be configured in ‘Configuration templates -> Data Loss Prevention’ section. All existing DLP Monitoring rules moved from profile level to portal level.

    Here is the wiki of this feature.

    Improvements

    • Improve Audit logs for ‘Export to csv’ actions

    Here is the wiki of this feature.

    Bug Fixes

    • Fixed the issue of “Filters from Security Dashboard > Device View for separate components don’t work properly”

    Remote Control

    New Features

    ●       Ability to see password expire notifications 7 days before expiry and after password expires

    When a password expires, users need to change their password from Endpoint Manager to use Remote Control.  

    Here is the wiki of this feature. 

    Bug Fixes

    • Fixed the issue of ‘specific Chinese characters would make file transferring failed.’

    Remote Monitoring and Management

    New Features

    • Ability to Turn On/Off All Alerts

    You will be able to enable/disable the alert mechanism for the assigned profiles, monitors, procedures.. With this feature, admin will not get any alert or Service Desk ticket for the associated devices conditions.

    Here is the wiki of this feature.

    Improvements

    • “New Device Blocked By Device Control” monitor to not trigger once agent is updated

    The aim of this improvement is to be able to track already blocked external devices, so that when the Communication Client is upgraded, the admin will not get any alerts for already blocked external devices.

    Bug Fixes

    • Fixed the issue of “View Procedure” option allowing modification in the body of procedure without clicking to “Edit” button first.
    • Fixed the issue of “Another Antivirus solution installed” condition detecting Acronis Backup Agent 12.5.15300.

    Patch Management

    New Features

    • Patch Approval/Disapproval Mechanism

    From now on, you will have the ability to approve or disapprove any operating system or 3rd party application patch, including the option to auto-approve. This way, only approved operating system and 3rd party application patches will be applied to the endpoints.

    Comodo Client Security  

    Windows

    New Features

    Data Loss Prevention:  

    • Removable Storage Rule UI Simplification
    • CCS logs and ITSM integration extended  

    Vulnerability Fixes

    • Update AV detection flows with NTFS file identification check

    Bug Fixes

    • Fixed the issue of “CCS 12.2.0.8121 does not scan network paths via created scan”
    • Fixed the issue of “CCS doesn’t perform DLP discovery rules deletion from device after DLP section deletion within EM Profile”
    • Fixed the issue of “CCE scanned files are reported to ITSM as Unrecognized by CCS”
    • Fixed the issue of “Log rotation should be enabled by default in CCS config”

    Service Desk

    Improvements

    • Improvement for Portal Executive Ticket Summary
    • Improvement for ‘Submit ticket’ option within EM agent

    Bug Fixes

    • Fixed the issue of “Ticket has paused status instead of closed”
    • Fixed the issue of “SSO transmission does not work for EM portal links within SD tickets about devices Discovering”
    • Fixed the issue of “Calendar ticket event schedule issues”
    • Fixed the issue of “Incorrect timezone under ‘Admin Panel’ -> ‘Settings’ -> ‘System'”
    • Fixed the issue of “Unable to view a date picker option in the custom form”
    • Fixed the issue of “SSO transmission does not work for EM portal links within SD tickets about devices Discovering”
    • Fixed the issue of “Unable to delete custom ticket filters – an error ‘Unable to delete selected filters’ is returned”
    • Fixed the issue of “Unable to delete custom list if it was in use with some custom forms”
    • Fixed the issue of “”Password change required to continue” after registering SD User manually with disabled option for it”

    Portal

    New Features

    • In order to increase account security on the Comodo ONE/Comodo Dragon platforms, 3 mandatory steps have to be taken for all users of all accounts having more than 50 devices on their accounts.
      • Verify phone number
      • Give answer to 3 desired security questions
      • Enable Two Factor Authentication 
        • via Authenticator application
        • via SMS code
    • Ability to download pdf report from the Portal-> Management -> Applications-> Billing
    • Turkish language will be supported on the platform.

    APPENDIX  

    New Client Versions:   

    Windows Communication Client : 6.36.37891.20060

    Windows Comodo Client – Security:  12.2.0.8121

    Windows Remote Control : 6.36.37893.20060

    Endpoint Detection and Response: 2.3.0.195 (previous)

    macOS Communication Client: 6.35.37113.20040 (previous)

    macOS Comodo Client – Security : 2.4.4.851 (previous)

    macOS Remote Control: 6.36.37894.20060

    iOS Mobile Device Management Client : 1.3.0 (previous)

    Android Mobile Device Management Client: 6.16.0.7

    Linux Communication Client: 6.28.26228.19060 (previous)

    Linux Comodo Client – Security: 2.2.1.501 (previous)

    Comodo Dragon Platform April Release (April 30, 2020)

    Endpoint Manager

    Endpoint Manager Core

    New Features

    Public API sharing – Must Have Items Part 2

    We are releasing the following APIs as Part 2 of our project to release our common APIs to the public:

    • Procedures
    • Monitors
    • Alerts

    These join last month’s release of our APIs for users, devices, and device group properties. 

    Mark Duplicate Devices by MAC address

    In addition to the device name, you can now use MAC addresses to identify duplicate devices. This improves search accuracy when devices in separate organizations or networks may have the same name.

    Here is the wiki of this feature.

    Bug Fixes 

    • Fixed the issue of inability to clone a profile after the account is migrated from EU region to US region.
    • Fixed the issue of CCC and CCS Branding settings are not applied.
    • Fixed the issue of global software inventory doesn’t filter software for selected companies/groups but shows software for all the customers.
    • Fixed the issue of Endpoint Manager users being unable to takeover device when 2FA is enabled.
    • Fixed the issue of maintenance windows are not available for procedures scheduling.
    • Fixed the issue of inconsistency between device statuses on Endpoint Manager portal and Remote Control application.
    • Fixed the issue of inability to reset screen passcode on iOS device through portal.

    Security

    New Features

    • Added ‘Quarantined Files’ tab to the Mac OS device details. You can get  a list of ‘Quarantined files’ from particular device.

    Here is the wiki of this feature.

    • We improved file searches in Endpoint Manager’s Valkyrie page by adding Start/end date filters.

    Data Loss Prevention:  

    • Added the ability to view logs of DLP monitoring rules.
    • Added a ‘Patterns’ column to the discovery logs detail window.
    • You can now delete or quarantine files discovered by a DLP discovery scan.
    • You can now create custom search patterns for DLP scans. Custom patterns can consist of specific keywords, keyword groups and data formats.

    Here is the wiki of this feature.

    Improvements

    • We started ‘Export to csv’ action in Audit logs (from all pages).
    • ‘Threat history’ became ‘Android threat history’. We continue collection all logs. But right now, all logs from Mac/Win/Linux are not available to view from Threat History page.

    Bug Fixes

    • Fixed an issue of “Unable to add network path to Containment virtualization exclusions”
    • Fixed an issue of “FW blocking communication (missing cmdprots.exe in predefined file group)”

    Remote Tools

    New Features

    • Audit logs now record all command prompt and PowerShell actions.

    Here is the wiki of this feature.

    • Admins can now choose whether to access the remote device as the current user or as a local system user. This choice is available for file explorer, process explorer, service explorer and the command interface.

    Here is the wiki of this feature.

    Remote Control

    New Features

    • Added ability to pause and resume file transfer.
    • Added ability to suspend and resume file transfer session. 

    Here is the wiki of this feature.

    Bug Fixes

    • Fixed an issue of “Takeover failed to start.Connection data is invalid.” while connecting to macOS devices.

    Remote Monitoring and Management

    New Features

    Procedures for Mac OS

    You can now create, run and schedule procedures on MacOS devices. 

    Here is the wiki of this feature.

    Set Alias or Friendly Name for Network Devices

    You can now change network device names to memorable/understandable names.

    Here is the wiki of this feature.

    Patch Management

    New Features

    Enable / Disable Patch Management from Profiles

    You can now disable all patch management operations in active profiles. Admins can disable all updates/installations via:

    • On-demand patch installations
    • Scheduled patching operations
    • Patch installations via procedures

    Here is the wiki of this feature.

    Bug Fixes

    • Fixed the issue of patches being applied outside maintenance windows.

    Reporting

    New Features

    Customer Assessment Report

    The customer assessment procedure lets you quickly evaluate the security of your managed Windows endpoints. The procedure generates a report which summarizes the following:

    • Device Vulnerability: List of operating system and 3rd party patches that need to be installed
    • Endpoint Security: Details of malware and unknown files found on devices.
    • Phishing and Internet Risks: Test whether your endpoints can connect to harmful websites.
    • Comodo Agent: An overview of which Comodo agents are installed on your endpoints. 

     Here is the wiki of this feature. 

    Comodo Client Security  

    Windows

    New Features

    Data Loss Prevention:

    • New DLP monitoring rule lets you block users from taking screenshots while specific applications are running. This is useful for applications which are known to handle sensitive data.
    • Added ability to create custom search patterns for DLP scans. As mentioned in the Endpoint Manager section earlier, custom patterns can consist of specific keywords, keyword groups and data formats.
    • Added search support for more file types to discovery rules.

    Here is the wiki of this feature.

    Bug Fixes

    • Fixed an issue of “Connection to NAS via VPN is not possible via SMB2/SMB3 with CCS installed”
    • Fixed an issue of “Device gets very slow with CCS and Windows classic shell”

    Service Desk

    Bug Fixes

    • Fixed the issue of “While trying to bulk close or delete tickets in the Open tickets screen, the tickets close/delete but it redirects to the login screen.”

    New Client Versions:   

    Windows Communication Client : 6.35.37275.20040

    Windows Comodo Client – Security:  12.2.0.8121

    Windows Remote Control : 6.35.37178.20040

    Endpoint Detection and Response: 2.3.0.195

    macOS Communication Client: 6.35.37113.20040

    macOS Comodo Client – Security : 2.4.4.851

    macOS Remote Control: 6.35.37179.20040

    iOS Mobile Device Management Client : 1.3.0 

    Android Mobile Device Management Client: 6.15.0.10

    Linux Communication Client: 6.28.26228.19060

    Linux Comodo Client – Security: 2.2.1.501

    Comodo Dragon Platform March Release (March 14, 2020)

    Endpoint Manager

    Endpoint Manager Core

    New Features

    Forward Audit Logs to SIEM tools

    • You can now forward audit logs to a SIEM server, emulating the existing feature in CCS.
    • Users can configure syslog forwarding at ‘Settings’ > ‘Portal Set-Up’ > ‘Logging Settings’ > ‘Audit Logs’.

    More Granular RBAC for devices, device groups, and remote control

    • We improved role based access control (RBAC) for device operations, and to differentiate device operations with remote control permissions:
      • Updated the description of the “users.allow-portal-login” permission.
      • Device group permissions now have a more granular structure:
        • Create
        • Rename
        • Delete
        • Assign
    •   Remote control permissions now have a separate structure with the following permissions:
      •   Takeover,
      • File-Transfer,
      • File-Transfer(Upload),File-Transfer(Download)

    …and more granular RBAC for procedures

    • We separated alerts and procedure management controls. Procedures now have the following sub-permissions:
      • Create Procedure
      • Delete Procedure
      • Edit Procedure
      • Approve Procedure
      • Execute Procedure
      • Export Procedure List
    • Alerts now have the following, separate, permissions:
      • Read only > configuration.alerts
      • Full Control > configuration.alerts, manage

    Results per Page Option for Device Tree

    • You can now view device tree with additional pagination options, as you can already in the regular device list. Users can now limit the device tree results with the following number of item options:
      • 20
      • 50
      • 100
      • 200

    Added support for Ubuntu 19.0             

    • Endpoint Manager clients now support devices using Ubuntu 19.04.

    Public API Sharing – Must Have Items Part 1

    • We aim to make all our common APIs public. This release sees stage 1 of this process, with the release of APIs for:
      • Users
      • Devices
      • Device Group categories

    Dark Mode for Android MDM Client

    • Devices on Android 10+ can now switch to the MDM client to dark mode.

    Improvements

    CCS – End of Support for Windows 7

    • In line with Microsoft policy and security best practices, we are ending official support for CCS on Windows 7 devices. We encourage all customers to upgrade their Windows based systems to Windows 8 /8.1/ 10.
    • CCS on Windows 7 will continue to work up-to previous version. New versions of CCS will not be supported.
    • The following operating systems are affected:
      • Windows 7
      • Windows Server 2008 R2

    Bug Fixes

    • Fixed the issue of Windows Communication Client breaking during upgrade.
    • Fixed the issue of “Installed Apps” tab not opening for macOS devices on portal.
    • Fixed the issue of Windows devices with Comodo Internet Security installed are considered in count within “Advanced Endpoint Protection” in “Bill Forecast” page on the License Management section.
    • Fixed the issue of RMMService.exe using too many UDP ports on Windows Server 2012 R2.
    • Fixed the issue of ITSMService.exe not present after deploying the latest version of Windows Communication Client.
    • Fixed the issue of widget statistics numbers don’t matching up.
    • Fixed the issue of ITSMService.exe initiating random restart of endpoint.
    • Fixed the issue of resetting screen passcode on iOS device through portal doesn’t work.
    • Fixed the issue of iOS enrollment email not properly displayed on Safari 601.1 (iOS9.3.5)
    • Fixed the issue of entered user credentials disappearing from DEP profile Setting after navigating across DEP profile tabs.

    Security

    New Features

    • Profile Section Addition with Default Settings – Windows profile (HIPS/Antivirus/Containment sections): Import profile settings while adding new section
    • You can now schedule virus scans on specific days of the week in a Windows profile.
    •  AV usability improvements,  Windows: On demand items request operation from portal: Quarantined items

    Data Loss Prevention:

    • You can now populate keyword groups by importing keywords from a file. This, for example, allows customers to populate the ‘Names’ group with a list of client users or employees.
    • New DLP monitoring rules let you block users from copying or moving files to USB devices.
    • Added ‘Quarantine’ action to DLP discovery rules. This lets admins isolate files containing sensitive information to prevent their exfiltration while a review of the files is in progress.

    Remote Control

    New Features

    • Added ability to use the command prompt and PowerShell to manage remote devices:
      • You can connect to the commands interface of the remote device
      • You can run commands in the remote device’s command prompt
      • You can run commands on the remote device’s PowerShell 
    • Added file versioning to file transfer operations. Endpoint Manager can now rename files that have the same name as a file on the remote machine, adding a version number to the name of the new file. This allows admins to retain both versions of the file on the destination.

    Remote Monitoring and Management

    New Features

    Clone Monitors

    • Users can now clone generic and network monitors

    SNMP Monitoring: Performance and Disk Monitor

    •  Admins can now retrieve the following device information over SNMP:
      • Performance
      • CPU Usage
      • RAM Usage
      • Disk
      • Free space left on the system drive
      • Free space left on all drives
      • Free space change on the system drive

    Run Procedures on device groups and customer

    • Admins can now run procedures on all devices belonging to a customer or to a group. You can run procedures on:
    • Device groups
    • User groups
    • Customers

    Bug Fixes

    • Fixed the issue of scheduled procedures being executed outside of the maintenance window.

    Patch Management

    New Features

    Security Vulnerability Notifications

    • Added recipient logic for ‘Security Vulnerability’ notifications.

    Improved patch information

    • Patch Management interface now shows the most recent successful and failed patch scans dates for OS and 3rd party patches.

    Comodo Client Security

    Windows

    New Features

    •  Maintenance mode for Windows 7

    Data Loss Prevention

    • Delete and quarantine actions added to DLP discovery rules
    • New DLP monitoring section lets admins block files from being copied to USB devices.

    New Features

    • Comodo Client Security Mac – Added support for MacOS Catalina

    Bug Fixes

    •  Fixed an issue with antivirus database updates run from the device itself
    •  Fixed an issue with diagnostic utility reports
    • CCS 11.6.1.7849 high CPU usage on Windows Server 2019
    • Diagnostic utility reports errors and can not fix them for CCSM 2.4.4.844

    Service Desk

    Bug Fixes & Improvements

    • Departments access scope doesn’t work in Itarian/C1 Mobile
    • Audit logs do not display SD events
    • Participants are included in the ‘To’ and ‘CC’ fields in Incoming Emails are not added automatically as Collaborators
    • Tickets with ‘ character sent using CCC tray icon are not created on SD side
    • Ticket Details form Limitation will reach up to 20
    • Unable to delete custom list if it was in use with some custom forms

    Portal

    New Features

    Managed Detection and Response (MDR) added to the ‘Store’ area

    • Managed detection and response (MDR) is a 24/7 threat monitoring solution that delivers 24/7 protection against threats emerging on your network. MDR combines advanced technologies at the host and network layers with continual supervision and threat investigation from Comodo’s team of human security experts. 

    Technology Assessment Platform (TAP)

    TAP moves to full release

    Following last month’s beta of the product, we are proud to launch the full version of the Technology Assessment Platform (TAP) with the March release. TAP helps MSPs audit client networks and generates detailed reports which grade the customer on each aspect of their set-up. The reports form an action-plan to address gaps in their coverage which you can share with your customers.

    We also added the following new improvements for the full release:

    • You can now customize the default questions for each of your customers. This allows you to easily construct a questionnaire tailored to the precise needs of your client.
    • Redesigned the final reports to make them even more professional, informative and easier to understand. In future releases will we add the ability to rebrand these reports.
    • Complete interface redesign and more informative dashboard stats. TAP has a fresh new look we think you’ll like.

     Customers can access TAP as follows:

    • Log in to your C1/Dragon/ITarian account
    • Click ‘Applications’ > ‘Technology Assessment Platform’
    • Login to TAP with the same credentials you use for C1/Dragon/ITarian

    Comodo Dragon Platform January Release (Jan. 18, 2020)

    Endpoint Manager

    Endpoint Manager Core

    New Features

    Mac OSX Catalina Support

    Endpoint Manager now supports Mac OSX 10.15 Catalina

    Improved processes for old and duplicate devices

    Changes made to the device list to help admins identify and deal with old/duplicate devices.

    ●       Exclamation mark added to old/duplicate devices in the device list

    ●       Audit logs created when an old/duplicate device is removed

    ●       New filter added to the device list for old/duplicate devices

    ●       Customize the length of time that must pass before a device is flagged as ‘old’. 

    ●       Customize the length of time that must pass before Endpoint Manager removes old devices

    ●       New removal options for duplicate devices.

    Department Sync with Service Desk

    Users can now select departments marked as ‘Public’ in Service Desk when configuring alert settings, or when submitting a ticket via the CCC tray icon.

    ●       ‘Configure departments for ticket submission’ added to ‘Profiles’ > ‘UI Settings’ > ‘General Settings’ > ‘Show communication client tray icon’. This allows admins to choose which departments users can submit tickets to via the CCC tray icon.

    ●       New synchronization button option added to ‘Alerts’ > ‘Alert Settings’. Improvements made to the ‘Open tickets under’ field.

    Here is the wiki of this feature.

    Forward CCC logs to SIEM tool

    You can now forward CCC logs to a SIEM server, emulating the feature already available for CCS.

    ●       Choose which CCC logs are stored locally.

    ●       New options add to ‘Profiles’ > ‘Logging Settings’ > ‘Communication Client’ tab which let you forward logs to your desired servers.

    Dark Mode for iOS MDM Client

    iOS clients on devices with iOS 13+ can now switch to Dark Mode

    Security

    New Features

    Data Loss Prevention:

    New discovery scans allow you to audit and control sensitive data on a network. Discovery rules let you scan for specific document types and patterns, and to create scan exclusions. We also added discovery scan logs.

    Improvements

    Split the ‘Unrecognized and Quarantined files’ scan into 2 separate scans. This allows admins to run highly targeted scans which are relevant to their needs.
    Here is the wiki of this feature.

    Remote Control

    New Features

    ●       Added ability to cancel ‘in-progress’ uploads or downloads in the file transfer feature

    ●        Added ability to drag and drop files between local and remote machines

    ●         Added ability to select and delete multiple files

    ●          Added ability to search and sort files and folders

    ●            File transfer dialog now closes automatically once the transfer is complete

    Here is the wiki of this feature.

    ●       Added Mac OSX Catalina support

    Remote Monitoring and Management

    Bug Fixes

    • Fixed the issue of RMMService using x86 architecture download link for x64 applications while performing software upgrade operation
    • Fixed the issue of RMMService running at 25% CPU constantly.
    • Fixed the issue of monitoring tickets not being closed automatically when metrics goes down below threshold.

    Patch Management

    New Features

    Added ‘Reboot Pending’ status to patch manager

    New ‘Reboot Pending’ status informs you that a device needs to be restarted for the patch to become effective.

    Bug Fixes

    • Fixed the issue of incomplete logs for third party application installations.
    • Fixed the issue of third party patch procedure failing on Microsoft OneDrive.

    Comodo Client Security

    Windows

    New Features

    ●       Split ‘Unrecognized and quarantined files’ scan into two separate scans

    ●       Schedule antivirus scans on specific days of the week.

    Data Loss Prevention:

    New discovery scans allow you to audit and control sensitive data on a network. Discovery rules let you scan for specific document types and patterns, and to create scan exclusions. We also added discovery scan logs.

    Vulnerability & exploit fixes

    ●       Identify the digital signature level of a newly created system process.

    ●       Identify the parent process of any new system process.

    Bug Fixes

    ●       CCS no longer causes system restore operations to get stuck at ‘System restore is restoring the registry’.

    ●       Fixed bug that prevented users from saving Excel docs to a network folder when CCS 11.5 is running.

    ●       Fixed bug that caused device control to function incorrectly when scan removable media is enabled.

    ●       Fixed issue that caused application delays and errors when containment is enabled.

    ●       Fixed issue that caused some devices to freeze if CCS 11.6.1.7849 is installed.

    ●       Fixed bug which caused CCS to report all files scanned by CCE as ‘Unrecognized’, instead of their true trust rating.

    ●       Fixed incorrect timestamps after running a Comodo reputation DB update.

    ●       Fixed issues that caused high CPU and RAM usage by cmdagent 11.7.0.7899.

    ●       Fixed bug that prevented CCS updates via Squid if authentication was enabled.

    ●       Fixed bug that caused CCS antivirus and firewall to remain in the WMI Security Center namespace after uninstalling CCS on Windows 10.

    Portal

    New Features

    ● As part of improving our platform and our customers accounts security, the utilization of 2 Factor Authentication mechanism is mandatory from now on.

    ● ‘Secure DNS Filtering’ product rebranded as ‘Comodo Secure Internet Gateway’.

    Bug Fixes

    • Fixed the issue of not being able to generate Executive Windows Antivirus Report.

    New Client Versions:

    Windows Communication Client: 6.33.34325.20010
    Windows Comodo Client – Security: 12.0.0.7959
    Windows Remote Control: 6.33.34183.20010
    Endpoint Detection and Response: 2.3.0.195 (previous)
    macOS Communication Client: 6.33.34270.20010
    macOS Comodo Client – Security: 2.4.4.844 (previous)
    macOS Remote Control: 6.33.34199.20010
    iOS Mobile Device Management Client: 1.3.0
    Android Mobile Device Management Client: 6.14.0.13
    Linux Communication Client: 6.28.26228.19060 (previous)
    Linux Comodo Client – Security: 2.2.1.495 (previous)

    Comodo Dragon Platform Hot fix (Dec. 09, 2019)

    Service Desk

    Improvements

    • Ability to create flexible time sheet

    Bug Fixes

    • Fixed the issue of “There is no ability to use % symbol instead of IP address octets except the latest octet for SD API”
    • Fixed the issue of “Service Desk roles cannot be deleted”

    Version: 4.23.4

    Comodo Dragon Platform December Release (Dec. 07, 2019)

    Endpoint Manager

    New Features

    More Granular Role Management

    Updates to the role management interface include:

    • Permissions page is now more clearly organized
    • New ‘Read Only’ permission
    • Overall improvements to roles UI 

    Here is the wiki of this feature.

    ‘Read Only’ mode added to roles

    Added as a master-switch on the permissions screen, ‘read only mode’ allows users to view pages in Endpoint Manager, but not makes changes nor download reports.

    Separate Proxy Settings for CCC & CCS

    You can now configure separate proxy settings for the communication client and the security client. Previously, both clients had to use the same settings.

    Support for Android 10

    Endpoint Manager now supports mobile devices which use Android 10 OS (KNOX is excluded)

    PCI – DSS Compliance Data Aging

    You can now to store logs for up to 1 year, in compliance with PCI – DSS regulations.

    The following data will be stored:

    • Audit Logs
    • Thread History
    • Security Dashboard 

    Export License Details

    Can now export license data from the following pages:

    • License Management’ > ‘Licenses’ tab – export details about all licenses on the account
    • ‘License Management’ > ‘Licenses’ tab > ‘Details’ > ‘Customers’ – export details of how seats on a single license are distributed among various customers

    Here is the wiki of this feature.

    New restriction added to iOS profiles

    Added ability to disable personal hotspots on iOS devices.

    Improvements

    XMPP server replacement

    We are upgrading our XMPP solution in order to offer you a better service.

    Bug Fixes

    • Fixed the issue of showing wrong Maintenance Window in procedure scheduler settings
    • Fixed the issue of inability to deploy msi package throug “Install Custom MSI/Packages”
    • Fixed the issue of ITSMService forcing reboot with 300 seconds delay for patch procedure with “Warn about the reboot and let users postpone it” option if user is not logged in.
    • Fixed the issue of not being able to display “Upgradable Devices” for 3rd party applications if certain device group is selected.
    • Fixed the issue of ITSMService 6.30 crashing rarely.
    • Fixed the issue of multiple Comodo Client – Security update command from portal and scheduled rule.

    Security

    New Features

    Scan DLLs loaded by processes

    Added new option, ‘Monitor DLL files loaded by running processes’, to ‘Advanced Protection’ > ‘Miscellaneous’

    Improved Windows Boot Protection

    Comodo Client Security (CCS) now monitors untrusted DLLs & autoruns before the CCS service launches. This includes untrusted apps and unknown PE files which attempt to load via system vulnerabilities.

    Add virtual desktop support for the ‘Windows Fax and Scan’ application

    Windows fax and scan can now access COM/DCOM interfaces direct from the virtual desktop.

    Additional Valkyrie options

    Added ability to submit files for ‘Automated and human-expert analysis’. This option is available if you have a premium Valkyrie license.

    Removal Tool

    New tool allows you to quickly uninstall Comodo Client Security.

    Protected Objects in Containment Section

    Ability to add protected data and registry keys in the containment section

    Bug Fixes

    Fixed the issue of inability to add Protected Registry Keys in HIPS rules

    Remote Control

    New Features

    • You can now tell the remote control tool to revert to a direct internet connection if your proxy server fails.
    • Added 2 Factor Authentication for Endpoint Manager logins on Remote Control application.
    • You can now create favorite folders and view recent directories in the file transfer window.
    • Improved logs for the remote tool application.

    Bug Fixes

    • Below issues have been fixed on the Audit Log section;
    • Incorrect “End/Duration” Session value 
    • Incorrect “Type” and “Status” value
    • Name of deleted files was absent in old value for Remote tools delete event
    • Incorrect “Session Start/End/Duration” value
    • Old Value column in “Session connection type” has “None” Status

    Remote Monitoring and Management

    New Features

    You can now monitor the following items on Mac OS devices:

    • Online/Offline Status
    • Performance
      • CPU
      • RAM
      • Network Usage
    • Disk Usage
    • Process

    Here is the wiki of this feature.

    Active Directory Discovery

    New discovery feature locates any unenrolled devices in your Active Directory (AD) network. You can run AD discovery scans with or without a probe device.

    Here is the wiki of this feature.

    Bug Fixes

    • Fixed the issue of a monitor still being triggered after it is removed.
    • Fixed the issue of getting “Package configuration not found” error upon trying to install 3rd party application patch.
    • Fixed the issue of not showing installed devices when 3rd party application name has ampersand sign (&).

    Patch Management

    Improvements

    • Expanded the database of CVEs in the vulnerability management tab (‘Applications’ > ‘Vulnerability Management’)

    Comodo Client Security

    Windows

    New Features

    • Added ability to start scans from a scan profile
    • Changes to client security UI
    • Removed ‘Open Logs’ task (red square)
    • Removed ‘Open Advanced Settings’ task (red square)
    • Added ‘Logs’ button (green square).
    • Changes to the ‘Home’ and ‘Tasks’ screens.

    Vulnerability & exploit fixes

    Option to prohibit shared resources for contained applications

    Check full path of a newly created SYSTEM process

    Bug Fixes

    • Full scan aborted – cavwp.exe crashes on Windows 10×64
    • Application crashes when it is started in Containment via right click
    • Virtual desktop prompt is split when 2 screens are connected
    • Unable to start browsers in containment
    • CCS does not start “Antivirus Update” operation by “COMODO Signature Update” scheduled task
    • AV scan doesn’t log embedded code detected in autorun items correctly
    • Unable to print from IE 11 from VDT

    Portal

    New Features

    • You can now resend staff activation emails from ‘Management’ > ‘Staff’
    • CCS removal tool added to the ITarian ‘Tools’ page.
    • You can now remove or hide purchased modules from the store interface.
    • Added support for the following languages:
    • Dutch
    • Spanish
    • Japanese
    • Italian

    New Client Versions:

    Windows Communication Client:6.32.33070.19120
    Client – Security: 11.7.0.7899
    Remote Control: 6.32.32936.19120
    Endpoint Detection and Response: 2.3.0.195
    macOS Communication Client: 6.32.32857.19120
    Client – Security: 2.4.4.844
    Remote Control: 6.32.32964.19120
    iOS Mobile Device Management Client: 1.2.27
    Android Mobile Device Management Client: 6.14.0.13
    Linux Communication Client: 6.28.26228.19060
    Client – Security: 2.2.1.495

    Comodo Dragon Platform Hot fix (Nov. 22, 2019)

    Service Desk

    • Fixed the issue of “My time sheets >Status Not Submitted” displays all time-sheets instead of only the ones belonging to the logged in user.
    • Fixed the issue of Help Desk account confirmation E-mail includes Itarian links. 
    • Fixed the issue of ability to use % symbol instead of IP address octets except the latest octet for SD API.
    • Fixed the issue of when “Automatically close the ticket if the metrics go below the threshold” option is enabled tickets are not being closed. 

    Version: 4.23.3

    Comodo Dragon Platform Hot fix (Nov. 16, 2019)

    RMM & PM

    • Not being able to edit monitors from custom folder.
    • RMM service 6.31.30471.1900 crashes because of access violation when IPC connection is lost.
    • RMM service doesn’t return error message for already installed patches when patch procedure is executed.
    • Security Client Events Monitor with condition “Comodo Client Security communication error occured” not being properly triggered.
    • RMM service crashing on Windows 7 x64 devices during searching of updates with latest Communication Client.
    • Inability to save procedure section within profile.
    • RMM service termination on Windows 10 x64 device.
    • RMM service not using custom scripts for third party software uninstall operations.

    Version: 6.31.3

    Remote Control / Remote Tools

    • Fixed the issue of CTRL + ALT + DELETE shortcut prompting deletion of highlighted item on the remote machine.

    Version:6.31.1

    PM & ITSM Core

    • “# of used seats” field is removed from License Summary notification email.
    • Fixed the issue about not being able to redirect to https://idmsa.apple.com.
    • Fixed the issue about creating wrong enrollment link upon choosing “Enroll and Protect” option in device enrollment section.
    • Fixed the wording on Communication Client Update settings when choosing “On selected days” for update frequency.
    • Fixed the wording on ticket emails which are created by monitors.
    • Fixed the wording on “Create User” section.

    Version: 6.31.2

    Cyber Security

    • Ability to Add EDR Agent to Bulk Installation Package

    Version: 6.31.1

    Comodo Dragon Platform Hot fix (Nov. 08, 2019)

    Service Desk

    • Ticket Scheduling Problem
    • E-mail Templates Saving Changes
    • SD Logging Out when Closing Tickets

    Version: 4.23.2

    Comodo Dragon Platform Hot fix (Oct. 25, 2019)

    RMM & PM

    • Ability to manage (enable/disable) notifications about Security Vulnerability within EM Portal

    Version: 6.31.2

    Service Desk

    • Staff panel was not directed to “Open Tickets” page
    • Mail Fetch Failure Alert is not received if custom SMTP is used

    Version: 4.23.1

    Comodo Dragon Platform Hot fix (Oct. 19, 2019)

    Comodo Client Security

    Windows

    Release Notes:

    Vulnerabilities & Exploits fixes:

    • Preventing unsigned DLLs from loading into CCS processes – Windows 7
    • Add possibility to restrict containment processes from reading other processes memory
    • Containment should protect consumer PC, processes that runs on it and process memory as well from suspicious entities

    Windows Client – Security Version: 11.6.1.7849

    Comodo Dragon Platform October Release (Oct. 12, 2019)

    Endpoint Manager

    Endpoint Manager Core

    New Features

    Fallback connections for proxy servers

    You can now tell CCC and CCS to use a direct internet connection if your proxy server is not reachable for any reason.

    Two-factor authentication on standalone Endpoint Manager

    Two-factor authentication has been an option on Comodo One portals for some years now. With this release, we extend the feature to the standalone version of Endpoint Manager.

    Endpoint Manager admins can now:

    • Force two-factor authentication for all Endpoint Manager users
    • Enable two-factor for themselves
    • View the status of two-factor authentication on all user accounts
    • Reset two-factor authentication if there are issues

    Flag and remove options for old and duplicate devices

    New device management options allow admins to:

    •  Filter duplicate devices
    •  Define a time period after which inactive and duplicate devices will be removed from Endpoint Manager

    Support for iOS 13

    Endpoint Manager now supports mobile devices running on iOS 13.

    Change Passwords Manually

    You can now manually reset an Endpoint Manager user account password. Admins can now specify, or auto-generate, a new password on behalf of users.

    Security

    New Features

    Shellcode injection moved to Miscellaneous tab

    The shellcode injection option has been moved from the HIPS section of a Windows profile, to the ‘Miscellaneous Settings’ section.  This was done for consistency with the Windows security client (CCS)/

     ‘Skipped’ status added to antivirus logs

    Antivirus logs in the security dashboard now state ‘Skipped’ if a file was not scanned. The new description is more useful for troubleshooting purposes than the previous description of ‘Unknown’.

    Ability to restore disabled services, autoruns and scheduled tasks

    You can now view all disabled services, autoruns and scheduled tasks in the ‘Antivirus’ area of Endpoint Manager. Admins can re-enable these items on selected devices, or all devices.

    Remote Control

    New Features

    Proxy Configuration Fallback

    Admins can now have the Remote Control tool revert to a direct connection if their proxy is unavailable.

     File Transfer Improvements

    The latest release sees the following incremental improvements to remote file transfers:

    •  Select and transfer multiple items.
    • Single-click remote files/folders to rename them
    •  ‘Transfer Logs’ have been added to the ‘Audit Logs’ section.

    Bug Fixes

    •  Fixed occasional connection errors when using remote tools in the Endpoint Manager portal.
    • Fixed issue that prevented Comodo Remote Control sessions when a maintenance window was active on target devices.

    Remote Monitoring and Management

    New Features

    Procedure workflows:

    • You can now receive reports after a procedure is successful on targeted devices.
    • More details about a failed procedure have been added to auto-generated Service Desk tickets.

    Improvements

    • Hidden procedure execute for support admin account.
    • Redesigned storage structure.
    • Improve logging mechanism for network discovery.

    Bug Fixes

    • Fixed bug which caused the RMM service to crash (specifically RMMService 6.30.29303.19090)

    Patch Management

    New Features

    OS patching on vulnerable devices

    •  Admins can now install operating system patches on at-risk/vulnerable devices.

    Improvements

    •  Improvements to the patch manager log collector

    Bug Fixes

    • Fixed a procedure execution issue related to logged in users
    • Fixed issues related to Microsoft Teams collaboration software
    • Fixed bug that caused Endpoint manager to mistakenly show supported software as unsupported.

    Comodo Client Security

    Windows

     New Features

    Scan DLLs loaded by processes

    • Added new option, ‘Monitor DLL files loaded by running processes’, to ‘Advanced Protection’ > ‘Miscellaneous’

    Improved Windows Boot Protection

    • Comodo Client Security (CCS) now monitor untrusted DLLs & autoruns before the CCS service launches. This includes untrusted apps and unknown PE files which attempt to load via system vulnerabilities.

    Scan from VDT session or via ‘Windows Fax and Scan’ application 

    • Added  list for application which allowed to access COM/DCOM unrestricted from containment and be a part of configuration.   

    Monitor Un-trusted DLLs & autoruns before CCS service launches

    • Added new option “Use direct connection if proxy is unreachable”  the Proxy and Host settings.

    Two-factor authentication added to Unknown File hunter (UFH)

    • After setting up 2FA in the portal, users will also be able login to UFH with the same system of Google Authenticator codes.

     Vulnerability Fixes

    •  Refactoring to resolve CVE-2019-14694
    •  Contained applications are now prohibited from accessing power options
    • Unsigned DLLs can no longer load into Comodo Client Security processes. Supported on Windows 8+
    • Added ability to prevent contained processes reading the memory of other processes. 

    Bug Fixes

    • Full scan aborted – cavwp.exe crashes on Windows 10×64
    • Application crashes when it is started in Containment via right click
    • Virtual desktop prompt is split when 2 screens are connected
    • Unable to start browsers in containment
    • CCS does not start “Antivirus Update” operation by “COMODO Signature Update” scheduled task
    • AV scan doesn’t log embedded code detected in autorun items correctly

    Service Desk

    Bug Fixes

    • Post a reply issue from the browser on Service Desk
    • New SD users created via Helpdesk portal are not getting activation/verification e-mails automatically right after registration
    • Wrong error message appears creating new ticket with wrong e-mail format
    • Ticket Data and Executive Ticket Summary Report don’t receive data from SD
    • “Add New Field” button doesn’t work when editing the CUSTOM FORM “Ticket Details”

    Client Versions

    • Windows Communication Client 6.31.30518.19100
    • Windows Client – Security 11.6.0.7829
    • Windows Remote Control 6.31.30444.19100
    • MacOS Communication Client 6.31.30316.19100
    • MacOS Client – Security 2.4.4.844
    • MacOS Remote Control 6.31.30425.19100
    • Linux Communication Client 6.28.26228.19060
    • Linux Client – Security 2.2.1.495
    • Android Mobile Device Management Client 6.13.8.2
    • iOS Mobile Device Management Client 1.2.27

    Comodo Dragon Platform September Release (Oct. 07, 2019)

    Endpoint Manager

    Endpoint Manager Core

    New Features

    Onboarding Wizard for Enrollment

    We redesigned the enrollment process to make it easier to add new devices. You can now enroll and protect your device in a single wizard. 

    Admins now have the option to ‘Enroll’, ‘Protect’, or ‘Enroll + Protect’ when adding new devices. You can pick different options for individual devices, or different options per operating system. 

    Apple DEP Integration 

    Endpoint Manager now supports Apple’s Device Enrollment Program (DEP), an important boon for customers who manage devices in the Apple ecosystem. DEP simplifies the previously complex procedure of enrolling and managing MAC/iOS devices, reducing the number of steps required before a device is ready for use. 

    From the September release onwards, iOS devices that are managed over DEP will be synced automatically with Endpoint Manager.

    • Sync and manage iOS devices from Apple DEP
    • Manage enrollment and notification settings of Apple DEP
    • Add, remove or renew Apple DEP tokens on Endpoint Manager.

    For more information about Apple DEP, please visit https://www.apple.com/business/site/docs/DEP_Guide.pdf

    Security

    New Features

    Virtual Desktop events

    You can now view virtual desktop logs in the ‘Event View’ tab of ‘Security Dashboards’.

     Virtual Desktop Status in Device List

    New ‘Virtual Desktop’ column added to the device list. There are three icons to indicate the status of the virtual desktop on the endpoint:

    • Virtual Desktop is running
    • Virtual Desktop is not running
    • Virtual Desktop is not supported

    Disable realtime scans on network files – Mac OS profiles

    In the last release, we added a setting to MAC CCS to disable automatic scans on network items. We have now added the same setting to MAC OS profiles in Endpoint manager. This means the feature can be more easily rolled out to all managed endpoints.

    “Real time virus scans are now optional for items on shared network drives. This can improve performance by eliminating needless scans on write-restricted files. If an endpoint does not have the rights to delete/quarantine files in a shared folder anyway, then there is little reason to scan them at this point. Any files copied to the endpoint will, of course, still be scanned locally.”

    Device tree added to Security Dashboard pages

    A much requested quality-of-life feature, the new device tree lets you view events, and take actions, on specific device groups.

    Remote Control

    New Features

    ITSM Service Inventory

    New feature lets you silently connect to a managed endpoint to manage the local service inventory.

    Added multi-language support to the Remote Control app

    You can now use the Remote Control app for Mac and Windows devices in German, French, Portuguese and Chinese.

    Bug Fixes

    • Fixed device takeover error messages.

    Remote Monitoring and Management

    New Features

     SNMP Monitoring

    You can now use SNMP monitoring to monitor network devices as well. It is now also possible to:

    • Manage devices which are found on the network
    • Create profiles for network devices
    • Create monitors for network devices.

     Auto Enrollment for Network Devices

    You can now define auto-enrollment preferences for network discoveries.

    Clearer, Filterable, Exportable Procedure logs

    You can now email scheduled procedure logs. The details in the logs themselves have also been improved.

    Bug Fixes

    ●       Fixed issue that prevented patching from working properly in some cases

    ●       Fixed bug that caused software inventory scans to take an abnormally long time

    ●       Fixed bug that caused disk space monitors to produce a false positive.

    Patch Management

    New Features

    CVE Visibility – Vulnerability Management

    You can now view CVE details about issues affecting vulnerable devices.

    Bug Fixes

    ● Fixed an issue where MSI errors during a 3rd party patch operation were not getting reported in the Endpoint Manager UI.

    ● Fixed an issue that caused Endpoint Manager to show the wrong number of installed/uninstalled patches. 

    Comodo Client Security

    Windows

    New Features

    • Website filtering. New feature automatically detects and blocks harmful websites, improving online security for endpoint users.
    • Detailed parent process logging. CCS logs now show the parent process of applications blocked by the containment module.
    • Macro script monitoring. The antivirus now monitors the execution of macro scripts and blocks malicious behaviour.

    Improvements

    • Confirmation message shown when attempting to exit the Virtual Desktop. You now have the option to show a confirmation message to end-users if they try to close the virtual desktop. This is to help ensure users do not accidently leave a virtual session.
    • ‘Ok’ button added added to the ‘PIN’ popup that is shown when the Virtual Desktop starts. The button allows the user to close/hide the PIN popup.
    • Added option to force users to scroll to the end of the Virtual Desktop Disclaimer.
    • Virtual Desktop sessions now have a maximum time expiry time of 24 hours.
    • %USERPROFILE%\Downloads\* folder has been removed from the ‘Shared Spaces’ file group. This location could potentially contain valuable user information.

    Service Desk

    Bug Fixes

    • Fixed the issue of unable to enable/disable Admin Email
    • Fixed the issue of wrong SLA warning levels
    • Fixed the issue of error messages for uploading over sized pictures
    • Fixed the issue of multiple attachment showing problem

    APPENDIX-1  

    New Client Versions:

    • Windows Communication Client  6.30.29304.19090
    • Windows Client – Security 11.5.0.7759
    • Windows Remote Control 6.30.29237.19090
    • MacOS Communication Client 6.30.28366.19090
    • MacOS Client – Security 2.4.4.844 (previous)
    • MacOS Remote Control 6.30.29238.19090
    • Linux Communication Client 6.28.26228.19060 (previous)
    • Linux Client – Security 2.2.1.495
    • Android Mobile Device Management Client 6.13.8.2 (previous)
    • iOS Mobile Device Management Client 1.2.27 (previous)

    Comodo Dragon Platform July Release (Jul. 13, 2019)

    Endpoint Manager

    Endpoint Manager Core

    New Features

    Proxy Mechanism for Clients

    You can now specify local endpoints as proxies from which other endpoints can collect installation packages and database updates. This helps save network traffic and accelerates package deployment when a large number of endpoints are involved.

    You distribute the following packages with this feature:

    • Comodo Communication Client
    • Comodo Client Security
    • Virus database updates

    You can define the maximum amount of traffic to be used for package distribution, and the maximum number of proxy endpoints.

    Here is the wiki of this feature.

    Bug Fixes

    • Fixed the issue of auto-remediation procedure triggers despite it is disabled in monitor settings on portal.
    • Fixed the issue of MacOS Communication Client connection failure.
    • Fixed the issue of maintenance window being shown as “OFF” while it is actually in the preset interval.
    • Fixed the issue of location tracking for mobile devices.
    • Fixed the issue of download servers from security profile not being applied to client immediately.
    • Fixed the issue of translation inconsistencies for Remote Control and Remote Tool settings in profiles.
    • Supported Device Platforms page is updated in order not to cause disinformation.

    Security

    New Features

    Virtualization Exclusions for Removable Media

    You can now exclude removable media such as USB sticks and external drives from virtualization. Doing so allows apps in the Virtual Desktop to write and make changes to specific media attached to the endpoint. This provides another way to export data from the Virtual Desktop in addition to Shared Space.

    You can configure these exceptions in the ‘Containment’ section of an Endpoint Manager profile.

    Set Custom Disclaimer for Virtual Desktop

    Expanding our white-label options, you can now configure a custom disclaimer message for the Virtual Desktop. Users must accept the disclaimer before starting the virtual session.

    You can configure the disclaimer in the ‘Containment’ section of an Endpoint Manager profile.

    See this wiki if you want help to white label/rebrand the Endpoint Manager clients.

    Allow User to Override Virtual Desktop settings

    When enabled, Endpoint Manager will not reverse local Virtual Desktop settings that are different to those in the endpoint’s profile. Ordinarily, Endpoint Manager checks devices to see if the local settings match those in the device profile. It will re-implement the profile settings if it detects any deviation.

    The new setting gives admins greater flexibility and control over individual endpoints. For example, you can now disable the exit password on a specific endpoint, avoiding the need to create a whole new profile just to accomplish this one task.

    This addition complements the existing override option in the ‘Client Access Control’ section of a profile, which allows local changes to *every* CCS setting. Admins can now allow local override of just the virtual desktop settings, while preventing changes to other CCS settings.

    You can configure the override setting in the ‘Containment’ section of an Endpoint Manager profile.

    Here is the wiki of this feature.

    Show only Virtual Desktop settings on endpoint

    New option to only show virtual desktop options when users click the CCS tray icon on an endpoint. End-users can then access and launch the virtual desktop, but cannot change other CCS settings.

    This feature is useful when used with the override option described above.

    You can configure this setting in the ‘UI Settings’ section of an Endpoint Manager profile.

    Here is the wiki of this feature.

    Improvements

    Auto-updates disabled by default in CCS

    Automatic updates to the CCS client are now disabled by default in predefined profiles. This change was made after valued feedback from our customers who manage complex, sometimes delicately balanced networks. To avoid potential disruptions, customers prefer to be notified when updates are available so they can review them before installation.

    New default actions for unknown autorun entries

    This setting determines what CCS should do if an application tries to create/modifiy a service, auto-start entry, or scheduled task. You can find it at ‘Configuration Templates’ > ‘Profiles’ > open a level 2 or 3 profile > Click the ‘Miscellaneous’ tab.

    The previous default was ‘Ignore’. The new defaults are:

    •         Security Level 2 profiles –  ‘Terminate and Disable’
    •         Security Level 3 profiles –  ‘Quarantine and Disable’

    You can find background information on this setting at https://help.comodo.com/topic-399-1-904-11900-miscellaneous-settings.html#action_on_tasks

    Remote Control

    New Features

    File Transfer: Folder Transfers

    You can now send/receive folders via file transfer in the Remote Control application.

    You can track folder transfer status in the file transfer queue pane.

    Here is the wiki of this feature.

    Role-based access control for Remote Control file transfer

    You can now limit file transfer capabilities for specific devices and/or device groups.

    Similarly, you can now limit file transfer capabilities by role.

    Here is the wiki of this feature.

    Bug Fixes

    • Fixed the issue of connecting to MacOS with Remote Control.

    Comodo Client Security 

    Windows

    New Features

    ‘Virtual Desktop only’ mode

    As mentioned in the Endpoint Manager section earlier, we have added the ability to show only virtual desktop options when users click the CCS tray icon on an endpoint.

    When enabled in a profile, CCS will only show these two items when you click the tray icon:

    •       Run Virtual Desktop – Opens the Virtual Desktop
    •       Open Virtual Desktop Settings – Opens the Virtual Desktop settings area in CCS

    End-users cannot access any other area of CCS.

    Improved password policy for the Virtual Desktop

    Admins can prevent end-users from accessing the local computer by setting an ‘exit’ password on the Virtual Desktop. Once set, users will need to enter the password if they want to switch from the virtual environment to the local environment. We added the following settings to improve the security of this password:

    •       90-day validity period. The exit password will expire, and must be changed, after 90 days.
    •       Password complexity requirements. Passwords must now be 8-16 characters and contain a mix of upper case letters, lower case letters, numbers, and special characters.

    Detection of msi installation through URL

    Added a default containment rule that prevents the installation of msi packages via a URL in a command line. This feature is tightly coupled with Script Analysis as it will be detected in the list of enabled interpreters.

    Virtualization exclusions for removable media.

    Under default conditions, apps in the virtual desktop write to a virtual file system, and cannot save changes to the host or any peripherals. As covered earlier, you can now create exceptions to this rule for specific removable media. Creating such an exception allows users to more easily export data from the virtual desktop to USB sticks, external storage drives, or CD/DVD.

    Extended Virtual Desktop Logs

    Virtual desktop logs have been moved out of the ‘Containment Logs’ section and now have their own section. This improves log visibility and makes it easier to conduct investigations, analysis and forensics.

    Bug Fixes

    • Fixed the issue of aborted AV Full Scans
    • Fixed the issue of adding timeout value in the duration of Virtual Desktop session
    • Fixed the issue of internal process crashes on Windows 10 Pro, Server 2016 and Server 2012 R2
    • Fixed the issue of twitching CCS icon
    • Fixed the issue of incompatibility between the security agent and Google Chrome Enterprise
    • Fixed the issue of mapping drives under incorrect directories
    • Fixed the issue of failed Antivirus signature database updates

    MacOS

    New Features

    Disable real time scans on network items

    Real time virus scans are now optional for items on shared network drives. This can improve performance by eliminating needless scans on write-restricted files. If an endpoint does not have the rights to delete/quarantine files in a shared folder anyway, then there is little reason to scan them at this point. Any files copied to the endpoint will, of course, still be scanned locally.

    Here is the wiki of this feature.

    Linux

    New Features

    External Device Control logs

    We added event logs for the USB control rule. The rule allows admins to block the use of USB devices on Linux endpoints. The new logs let you analyze events where there was an attempted breach of the rule.

    Here is the wiki of this feature.

    Bug Fixes

    • Fixed the issue of requesting password on scan initiation attempt

    Remote Monitoring and Management

    Bug Fixes

    • Fixed the issue of RMM service crashing.
    • Fixed the issue of Disk Space Monitoring’s false alerts.
    • Fixed the issue of incorrect output in monitoring results.

    Patch Management

    Bug Fixes

    • Fixed the issue of not showing Russian characters in the Global Software Inventory.
    • Fixed the issue of Software Inventory loading failure.
    • Fixed the issue of available but not displayed 3rd party patches problem.

    Service Desk

    New Features

    With July release Audit Data Logs will include the action time.

    Portal

    New Features

    Comodo Dragon platform

    As you may remember we introduced Itarian platform in October release. In that release, all functionality was the same for both the ITarian and Comodo ONE platforms. The only difference was the platform skin (either ITarian or Comodo ONE branded).

    However, the ultimate goal was reaching to a point that we have two perfect platform. The first one, ITarian Platform, would mainly bring IT Management aspects into the forefront which is strengthened with security products. With the second platform we aim to create ALL-IN-ONE CLOUD-NATIVE CYBERSECURITY PLATFORM that brings security aspects into the forefront which is strengthened by IT Management features. You will find MDR, EDR, Network Security products and much more that are directly integrated in this platform. With this new platform you now become MSSP!!! Yes, you can offer full MSSP capabilities with your own whitelabelled SOC! Just enable COMODO Dragon Platform and start offering MSSP services, no expertise, no staff, no costly SIEM licenses! It is literally MSSP in a box!!!

    Now it is time to do this. By introducing Comodo Dragon Platform we aim to create ALL-IN-ONE CLOUD-NATIVE CYBERSECURITY PLATFORM that provides Active Breach Protection in a single platform. Enable this and become an MSSP!!!

    This release will be the first step toward this goal. Comodo One will turn into Dragon Platform step by step. We will first start with rebranding and continue with powerful dashboards, with built-in security products and much more.

    Nothing will change from Itarian side. Itarian will continue to be your centralized IT management platform with much more powerful features.

    APPENDIX-1

    New Client Versions:

    • Windows Communication Client  6.29.27210.19070
    • Windows Client – Security 11.4.0.7615
    • Windows Remote Control 6.29.27171.19070
    • macOS Communication Client 6.29.27177.19070
    • macOS Client – Security 2.4.4.844
    • macOS Remote Control 6.29.27180.19070
    • Android Mobile Device Management Client 6.13.8.2