v3.1 February 11, 2024¶

Version 3.1, a major release, includes:

New features
Enhancements
Fixed items
Agent updates

Prerequisites¶

Before you can use the features and enhancements described below, you must update the relevant agent on your device. macOS/Windows agents 3.1 will be available on February 18, 2024.

New features¶

This section describes the add-ons and other new features that we are releasing with version 3.1.

1 - Coro console ¶

The following features have been added to the Coro console:

1.1 - Multi-region deployment ¶

Coro now offers organizations the option to establish workspaces and store data in Canadian and German data centers, alongside existing US centers. This capability is essential for organizations in Canada and Europe who need to keep data within their operational region to meet local regulatory requirements.

The console for each region has a unique URL:

Important

Organizations that connected a Google Workspace service to the Canada or Germany regions during the beta testing phase must disconnect and reconnect your Google Workspace account. Contact your support representative for more details.

For further information, see Coro architecture.

1.2 - Summary reports ¶

An executive summary report is now available for each workspace. It offers a detailed overview of the security status and activities within a workspace, featuring a dynamic structure that adapts to the specific modules enabled in the workspace and the tickets generated within the selected reporting period. The report is divided into several key sections, including:

A general overview highlighting protected users, devices covered, and generated tickets
The top vulnerabilities for the workspace
Tickets and top vulnerabilities for each module

For further information, see Summary reports.

1.3 - Archive workspaces ¶

MSPs can now archive inactive child workspaces, and Coro admins can archive inactive child and regular workspaces. When a workspace is archived, any cloud applications are disconnected and Inbound Gateway and Network settings are cleared.

For further information, see Archive workspaces.

2 - Endpoint Security ¶

The following features have been added to the Endpoint Security module:

2.1 - macOS device USB lockdown ¶

USB drives on macOS devices can now be blocked. The USB Lockdown device policy allows admin users to block mass storage devices such as USB flash drives and USB hard drives.

For further information, see USB lockdown.

2.2 macOS device tamper protection ¶

Tamper protection is now supported on macOS devices.

For further information, See Tamper protection.

3 - Email Security ¶

The following features have been added to the Email Security module:

3.1 - Inbound Gateway [Beta]¶

Coro’s Inbound Gateway add-on extends the anti-malware and anti-phishing protection offered by the Email Security module. It offers a full email proxy gateway solution that intercepts all inbound emails destined for your user’s accounts before malicious content can enter the organization's network.

For further information, see Inbound Gateway.

4 - EDR ¶

The following features have been added to the EDR module:

4.1 - Detections ¶

Coro EDR now detects and creates tickets based on malicious process detection rules.

For further information, see Ticket types for EDR.

4.2 - Allow/Block list CSV imports ¶

Coro EDR can now import file, folder, and process records from a list contained in a CSV file.

For further information, see Block processes.

5 - Network ¶

The following features have been added to the Network module:

5.1 - Encryption strength ¶

The Coro VPN now offers two encryption strengths:

AES-128: faster, enterprise-grade security
AES-256: slower, military-grade security

By default, a virtual office has an encryption strength of AES-128.

For further information, see Change the encryption strength.

6 - MDM ¶

The following features have been added to the MDM module:

6.1 - Rich application search ¶

Admin users can now add applications to a device policy from the Coro console based on the app name.

6.2 - Disenroll a device ¶

Admin users can now mark a device as disenrolled from the Coro console. The device remains visible in the Devices list, but is no longer accessible or managed by Coro MDM.

6.3 - Remove a device ¶

Admin users can now permanently remove a disenrolled device from Coro MDM.

7 - Connectors ¶

The following features have been added to the Connectors section of the console:

7.1 - ConnectWise integration ¶

Coro now supports ConnectWise PSA integration. ConnectWise is used to map services (Coro modules and add-ons) and companies (managed workspaces) via a PSA connector in order to report workspace usage data.

For further information, see ConnectWise integration.

Enhancements¶

Version 3.1 introduces the following additional changes:

1 - Content inspection permissions ¶

When content inspection is enabled, admin users can view sensitive data in the email content and findings sections of tickets related to User Data Governance. Sensitive data is data considered private or protected by law, policy, or contractual obligation.

When disabled, these sections display a message stating "Access to sensitive data is restricted" if they contain sensitive data.

2 - EDR Base64 decoded command line support ¶

Coro EDR now automatically decodes base64-encoded command lines displayed on the Telemetry page, rendering them understandable for admin users.

3 - Protection against disabling the Windows Event Log ¶

For Windows devices, when Tamper Protection is enabled, Coro EDR now safeguards against malicious attempts to disable the Windows Event Viewer, which is critical for gathering Windows event log EDR telemetry data.

4 - EDR data protection ¶

If a device loses network connectivity or the Coro agent is inactive, Coro EDR now preserves your telemetry and process data. This saved data becomes accessible once the device re-establishes connection or the Coro Agent resumes operation.

5 - Accuracy of IP geolocation ¶

The accuracy of IP geolocation has been improved for Access Permission and Suspected Identity Compromise tickets.

6 - Export admin user notifications ¶

MSPs can now export the notification settings of their admin users to a CSV file. Each admin user sets their notifications from My Account -> Notifications.

Fixed items¶

Files with a comma in the file name sent through Secure Messages were not able to be downloaded. These files can now be downloaded.
When some special characters were entered in the search bar, an error message was received. Special characters can now be used without receiving errors.

Agent updates¶

This section describes the following additional agent updates that we are releasing with version 3.1:

Prerequisites¶

The relevant agent must be updated on your device before changes take effect. The features described will not function until the updated macOS and Windows agents are installed. These are available on February 18, 2024.