Skip to content

Protection settings

Use this tab to configure settings for endpoint monitoring using Coro Agent. These settings apply to all devices in the workspace.

Endpoint monitoring settings

Heartbeat interval

Defines how often Coro pings endpoints to monitor their security status. Choose a value from the drop-down list.

Tamper protection

Enable this setting to prevent users and certain types of malware from tampering with important security features and disabling protection.

Advanced threat control

When enabled, Coro monitors active processes for known and potential threats, and blocks processes (that are not explicitly allowlisted) that exhibit suspicious behavior.

Volume shadow copy service (VSS) backup protection

When enabled, Coro enforces backup snapshots every four hours and blocks processes that exhibit risks to the backup.

Enhanced EDR block mode

By using Coro endpoint protection alongside Windows Defender Antivirus, Coro boosts endpoint detection and response (EDR) capabilities against malicious artifacts. The enhanced EDR block mode reinforces this protection by enabling access to timely data that the environment might otherwise suppress.