{"templateId":"markdown","sharedDataIds":{"sidebar":"sidebar-sidebars.yaml"},"props":{"metadata":{"markdoc":{"tagList":["admonition"]},"redocly_category":"Release notes","type":"markdown"},"seo":{"title":"v3.8.4 June 7, 2026","description":"Coro's support and product documentation portal","siteUrl":"https://docs.coro.net","keywords":"Coro docs portal, documentation, support, docs","lang":"en-US","llmstxt":{"hide":false,"sections":[{"title":"Table of contents","includeFiles":["**/*"],"excludeFiles":[]}],"excludeFiles":[]}},"dynamicMarkdocComponents":[],"compilationErrors":[],"ast":{"$$mdtype":"Tag","name":"article","attributes":{},"children":[{"$$mdtype":"Tag","name":"Heading","attributes":{"level":1,"id":"v384-june-7-2026","__idx":0},"children":["v3.8.4 June 7, 2026"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Version 3.8.4 includes:"]},{"$$mdtype":"Tag","name":"ul","attributes":{},"children":[{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"p","attributes":{},"children":[{"$$mdtype":"Tag","name":"a","attributes":{"href":"#new-features"},"children":["New features"]}]}]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":[{"$$mdtype":"Tag","name":"p","attributes":{},"children":[{"$$mdtype":"Tag","name":"a","attributes":{"href":"#enhancements"},"children":["Enhancements"]}]}]}]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":2,"id":"new-features","__idx":1},"children":["New features"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["This section describes the new features added in version 3.8.4."]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":3,"id":"1---cloud-security","__idx":2},"children":["1 - Cloud Security"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["The following features have been added to the Cloud Security module:"]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":4,"id":"11---device-and-user-protection-limit-visibility","__idx":3},"children":["1.1 - Device and user protection limit visibility"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["MSP admin users can now view device and user protection limits, where configured, for child workspaces in the Global View workspaces list."]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["For more information, see ",{"$$mdtype":"Tag","name":"a","attributes":{"href":"/msp/overview#using-list-view"},"children":["Using list view"]},"."]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":3,"id":"2---data-governance","__idx":4},"children":["2 - Data governance"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["The following features have been added to the User Data Governance and Endpoint Data Governance modules:"]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":4,"id":"21---access-permissions-based-on-labels","__idx":5},"children":["2.1 - Access permissions based on labels"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Admin users can now create User Data Governance access permissions policies based on user label."]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["For more information, see ",{"$$mdtype":"Tag","name":"a","attributes":{"href":"/userdatagov/udg-datagov-access-permissions"},"children":["Setting access permissions"]},"."]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":4,"id":"22---file-and-folder-exclusions-in-data-governance-scans","__idx":6},"children":["2.2 - File and folder exclusions in data governance scans"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["As part of scheduled endpoint sensitive data scans, Admin users can now configure exclusions based on files or folders."]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["For more information, see ",{"$$mdtype":"Tag","name":"a","attributes":{"href":"/endpointdatagov/edg-exclusions"},"children":["Exclusions"]},"."]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":3,"id":"3---email-security","__idx":7},"children":["3 - Email Security"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["The following features have been added to the Email Security module:"]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":4,"id":"31---real-time-url-protection","__idx":8},"children":["3.1 - Real-time URL protection"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Admin users can now enable real-time URL protection for emails received via Coro's Inbound Gateway."]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["URLs in received emails are scanned for threats and exchanged for safe links that, when clicked, provide continuous protection against malicious URL targets. Link protection persists after delivery, meaning Coro continues to check links for malicious content if a user revisits the email in the future."]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["For more information, see ",{"$$mdtype":"Tag","name":"a","attributes":{"href":"/emailsecurity/email-security-settings#real-time-url-protection"},"children":["Real-time URL protection"]},"."]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":3,"id":"4---network-and-swg","__idx":9},"children":["4 - Network and SWG"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["The following features have been added to the Network and SWG modules:"]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":4,"id":"41---conditional-forwarding","__idx":10},"children":["4.1 - Conditional forwarding"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["This release extends DNS filtering so admin users can now configure Coro to forward requests for internal or on-prem domains to their local DNS."]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["For more information, see ",{"$$mdtype":"Tag","name":"a","attributes":{"href":"/swg/dns-filtering#conditional-forwarding"},"children":["Conditional forwarding"]},"."]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":3,"id":"5---security-awareness-training-sat","__idx":11},"children":["5 - Security awareness training (SAT)"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["The following features have been added to SAT:"]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":4,"id":"51---new-nis2-compliance-course-option","__idx":12},"children":["5.1 - New NIS2 compliance course option"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["This release adds NIS2 to the list of SAT regulatory compliance courses."]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["For more information, see ",{"$$mdtype":"Tag","name":"a","attributes":{"href":"/sat/sat-settings#compliance-training"},"children":["Compliance training"]},"."]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":4,"id":"52---resend-training-course-option","__idx":13},"children":["5.2 - Resend training course option"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Admin users can now resend previously-assigned training courses to users."]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["For more information, see ",{"$$mdtype":"Tag","name":"a","attributes":{"href":"/sat/sat-settings#retaking-training-courses"},"children":["Retaking training courses"]},"."]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":4,"id":"53---random-journey-option","__idx":14},"children":["5.3 - Random journey option"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["During service activation, admin users can now select a random journey option so each enrolled user receives phishing simulations in a random order during their journey. This can help reduce cheating and mutual assistance between enrolled users."]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["For more information, see ",{"$$mdtype":"Tag","name":"a","attributes":{"href":"/sat/sat-settings#activating-sat"},"children":["Activating SAT"]},"."]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":2,"id":"enhancements","__idx":15},"children":["Enhancements"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Version 3.8.4 introduces the following additional changes:"]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":3,"id":"1---coro-console-enhancements","__idx":16},"children":["1 - Coro console enhancements"]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":4,"id":"11---msp-admin-users-for-inactive-channel-workspaces-can-still-manage-child-workspaces","__idx":17},"children":["1.1 - MSP admin users for inactive channel workspaces can still manage child workspaces"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["In previous releases, MSP admin users for inactive channel workspaces were prevented from managing descendant child workspaces due to the inactive workspace status. This release resolves this issue and enables those MSP admin users to perform relevant tasks in the Console's ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Global view"]}," pages."]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":4,"id":"12---changes-to-filter-and-search-bar-layout","__idx":18},"children":["1.2 - Changes to filter and search bar layout"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["This release improves the layout and appearance of the filter and search bar on all pages."]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":4,"id":"13---allowed-subscription-bundles-rule-change","__idx":19},"children":["1.3 - Allowed subscription bundles rule change"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["MSP admin users can now configure module availability in channel workspace subscription rules independently to bundles."]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Previously, modules included as part of bundles were automatically available for workspace subscripions on an individual basis in parallel with the bundle. This release introduces stricter selection constraints such that modules must be explicitly allowed in channel workspace subscription rules to be available for descendant workspace subscriptions."]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["To learn more, see ",{"$$mdtype":"Tag","name":"a","attributes":{"href":"/msp/subscriptions"},"children":["Managing workspace subscriptions"]},"."]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":4,"id":"14---allow-direct-reply-when-contacting-users-from-tickets","__idx":20},"children":["1.4 - Allow direct reply when contacting users from tickets"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["The ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Contact user"]}," ticket action now sets the reply-to email address to the current admin user. This means recipients now have a named contact to which they can send replies."]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["To learn more, see ",{"$$mdtype":"Tag","name":"a","attributes":{"href":"/console/ticket-log#actions"},"children":["Ticket actions"]},"."]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":3,"id":"2---endpoint-security-and-edr","__idx":21},"children":["2 - Endpoint Security and EDR"]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":4,"id":"21---security-gap-improvements","__idx":22},"children":["2.1 - Security gap improvements"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Coro now displays security gaps in priority order, highlighting the most critical security issues first."]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["To learn more, see ",{"$$mdtype":"Tag","name":"a","attributes":{"href":"/securitygaps/overview"},"children":["Security Gaps"]},"."]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":4,"id":"22---improved-scheduling-for-malware-and-sensitive-data-scans","__idx":23},"children":["2.2 - Improved scheduling for malware and sensitive data scans"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["To better highlight the performance impact of regularly scheduled malware and sensitive data scans on endpoint devices, Coro now sets the default scan frequency to ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["every 21 days"]},". The frequency selector is now shown in reverse order, from least frequent to most freqent, to reinforce this."]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["To learn more, see ",{"$$mdtype":"Tag","name":"a","attributes":{"href":"/endpointsecurity/scheduled-malware-scans"},"children":["Scheduled malware scans"]}," and ",{"$$mdtype":"Tag","name":"a","attributes":{"href":"/endpointdatagov/edg-schedulescan"},"children":["Scheduling a sensitive data scan"]},"."]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":4,"id":"23---improved-agent-update-status-messaging","__idx":24},"children":["2.3 - Improved agent update status messaging"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["This release introduces a more consistent and clearer indication of agent version status on the ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Devices"]}," page, including whether released updates apply."]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["If Coro releases a new agent version to ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Beta"]}," or ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Release Candidate (RC)"]}," stage, enrolled endpoint devices now show an update as ",{"$$mdtype":"Tag","name":"em","attributes":{},"children":["available"]}," instead of indicating the existing version is outdated."]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Agents now show as ",{"$$mdtype":"Tag","name":"em","attributes":{},"children":["pending"]}," if automatic updates are enabled and the device is in the queue for an update."]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Agents only show as ",{"$$mdtype":"Tag","name":"em","attributes":{},"children":["outdated"]}," if Coro has launched a new version as ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["General Availability (GA)"]}," and the device is still running a previous version."]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["To learn more, see ",{"$$mdtype":"Tag","name":"a","attributes":{"href":"/agent/upgrading#agent-update-status-indicators"},"children":["Agent update status indicators"]},"."]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":4,"id":"24---block-process-communications-to-blocklisted-ip-addresses","__idx":25},"children":["2.4 - Block process communications to blocklisted IP addresses"]},{"$$mdtype":"Tag","name":"Admonition","attributes":{"type":"warning","name":"Important"},"children":[{"$$mdtype":"Tag","name":"p","attributes":{},"children":["This feature requires endpoint devices running Coro Agent v3.8.5 and later."]}]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Coro now monitors process-level network communications on endpoint devices to check for contact with known malicious IP addresses. The agent identifies malicious activity by referencing against an internal threat list, which is regularly synchronized from open-source threat intelligence lists."]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["A detection match triggers a new EDR ticket in the console, ",{"$$mdtype":"Tag","name":"strong","attributes":{},"children":["Process communicated with known malicious domain"]},", containing the device and process identities together with details of the suspected malicious IP address."]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["To learn more, see ",{"$$mdtype":"Tag","name":"a","attributes":{"href":"/console/ticket-logic-edr#malicious-process-communication"},"children":["Malicious process communications tickets"]},"."]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":3,"id":"3---email-security-1","__idx":26},"children":["3 - Email Security"]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":4,"id":"31---block-report-as-phishing-from-the-suspected-folder","__idx":27},"children":["3.1 - Block report-as-phishing from the suspected folder"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["Coro now blocks end users from repeat-reporting an email as phishing through the Outlook user feedback add-ins if the email is already in the \"Suspected\" folder (having already been reported)."]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["To learn more, see ",{"$$mdtype":"Tag","name":"a","attributes":{"href":"/emailsecurity/addins#installing-and-using-the-coro-add-in-for-microsoft-outlook-365"},"children":["Installing and using the Coro add-in for Microsoft Outlook 365"]},"."]},{"$$mdtype":"Tag","name":"Heading","attributes":{"level":4,"id":"32---allowing-or-blocking-emails-from-global-view","__idx":28},"children":["3.2 - Allowing or blocking emails from Global View"]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["In the Global Ticket Log, when an MSP admin user allows or blocks an email, Coro now offers the choice of list to which you want to add the email. Choose from:"]},{"$$mdtype":"Tag","name":"ul","attributes":{},"children":[{"$$mdtype":"Tag","name":"li","attributes":{},"children":["The global allowlist or blocklist affecting all descendant workspaces"]},{"$$mdtype":"Tag","name":"li","attributes":{},"children":["The local allowlist or blocklist for the affected workspace only"]}]},{"$$mdtype":"Tag","name":"p","attributes":{},"children":["To learn more, see ",{"$$mdtype":"Tag","name":"a","attributes":{"href":"/msp/global-views#allowlisting-and-blocklisting-email-senders"},"children":["Allowlisting and blocklisting email senders"]},"."]}]},"headings":[{"value":"v3.8.4 June 7, 2026","id":"v384-june-7-2026","depth":1},{"value":"New features","id":"new-features","depth":2},{"value":"1 - Cloud Security","id":"1---cloud-security","depth":3},{"value":"1.1 - Device and user protection limit visibility","id":"11---device-and-user-protection-limit-visibility","depth":4},{"value":"2 - Data governance","id":"2---data-governance","depth":3},{"value":"2.1 - Access permissions based on labels","id":"21---access-permissions-based-on-labels","depth":4},{"value":"2.2 - File and folder exclusions in data governance scans","id":"22---file-and-folder-exclusions-in-data-governance-scans","depth":4},{"value":"3 - Email Security","id":"3---email-security","depth":3},{"value":"3.1 - Real-time URL protection","id":"31---real-time-url-protection","depth":4},{"value":"4 - Network and SWG","id":"4---network-and-swg","depth":3},{"value":"4.1 - Conditional forwarding","id":"41---conditional-forwarding","depth":4},{"value":"5 - Security awareness training (SAT)","id":"5---security-awareness-training-sat","depth":3},{"value":"5.1 - New NIS2 compliance course option","id":"51---new-nis2-compliance-course-option","depth":4},{"value":"5.2 - Resend training course option","id":"52---resend-training-course-option","depth":4},{"value":"5.3 - Random journey option","id":"53---random-journey-option","depth":4},{"value":"Enhancements","id":"enhancements","depth":2},{"value":"1 - Coro console enhancements","id":"1---coro-console-enhancements","depth":3},{"value":"1.1 - MSP admin users for inactive channel workspaces can still manage child workspaces","id":"11---msp-admin-users-for-inactive-channel-workspaces-can-still-manage-child-workspaces","depth":4},{"value":"1.2 - Changes to filter and search bar layout","id":"12---changes-to-filter-and-search-bar-layout","depth":4},{"value":"1.3 - Allowed subscription bundles rule change","id":"13---allowed-subscription-bundles-rule-change","depth":4},{"value":"1.4 - Allow direct reply when contacting users from tickets","id":"14---allow-direct-reply-when-contacting-users-from-tickets","depth":4},{"value":"2 - Endpoint Security and EDR","id":"2---endpoint-security-and-edr","depth":3},{"value":"2.1 - Security gap improvements","id":"21---security-gap-improvements","depth":4},{"value":"2.2 - Improved scheduling for malware and sensitive data scans","id":"22---improved-scheduling-for-malware-and-sensitive-data-scans","depth":4},{"value":"2.3 - Improved agent update status messaging","id":"23---improved-agent-update-status-messaging","depth":4},{"value":"2.4 - Block process communications to blocklisted IP addresses","id":"24---block-process-communications-to-blocklisted-ip-addresses","depth":4},{"value":"3 - Email Security","id":"3---email-security-1","depth":3},{"value":"3.1 - Block report-as-phishing from the suspected folder","id":"31---block-report-as-phishing-from-the-suspected-folder","depth":4},{"value":"3.2 - Allowing or blocking emails from Global View","id":"32---allowing-or-blocking-emails-from-global-view","depth":4}],"frontmatter":{"seo":{"title":"v3.8.4 June 7, 2026"}},"lastModified":"2026-06-07T13:25:21.000Z","pagePropGetterError":{"message":"","name":""}},"slug":"/rn/v3.8.4","userData":{"isAuthenticated":false,"teams":["anonymous"]},"isPublic":true}