Version 3.1, a major release, includes:
Before you can use the features and enhancements described below, you must update the relevant agent on your device. macOS/Windows agents 3.1 will be available on February 18, 2024.
This section describes the add-ons and other new features that we are releasing with version 3.1.
The following features have been added to the Coro console:
Coro now offers organizations the option to establish workspaces and store data in Canadian and German data centers, alongside existing US centers. This capability is essential for organizations in Canada and Europe who need to keep data within their operational region to meet local regulatory requirements.
The console for each region has a unique URL:
- US: https://secure.coro.net
- Canada: https://secure-ca.coro.net
- Germany: https://secure-eu.coro.net
Organizations that connected a Google Workspace service to the Canada or Germany regions during the beta testing phase must disconnect and reconnect your Google Workspace account. Contact your support representative for more details.
For further information, see Coro architecture.
An executive summary report is now available for each workspace. It offers a detailed overview of the security status and activities within a workspace, featuring a dynamic structure that adapts to the specific modules enabled in the workspace and the tickets generated within the selected reporting period. The report is divided into several key sections, including:
- A general overview highlighting protected users, devices covered, and generated tickets
- The top vulnerabilities for the workspace
- Tickets and top vulnerabilities for each module
For further information, see Summary reports.
MSPs can now archive inactive child workspaces, and Coro admins can archive inactive child and regular workspaces. When a workspace is archived, any cloud applications are disconnected and Inbound Gateway and Network settings are cleared.
For further information, see Archive workspaces.
The following features have been added to the Endpoint Security module:
USB drives on macOS devices can now be blocked. The USB Lockdown device policy allows admin users to block mass storage devices such as USB flash drives and USB hard drives.
For further information, see USB lockdown.
Tamper protection is now supported on macOS devices.
For further information, See Tamper protection.
The following features have been added to the Email Security module:
Coro’s Inbound Gateway add-on extends the anti-malware and anti-phishing protection offered by the Email Security module. It offers a full email proxy gateway solution that intercepts all inbound emails destined for your user’s accounts before malicious content can enter the organization's network.
For further information, see Inbound Gateway.
The following features have been added to the EDR module:
Coro EDR now detects and creates tickets based on malicious process detection rules.
For further information, see Ticket types for EDR.
Coro EDR can now import file, folder, and process records from a list contained in a CSV file.
For further information, see Block processes.
The following features have been added to the Network module:
The Coro VPN now offers two encryption strengths:
- AES-128: faster, enterprise-grade security
- AES-256: slower, military-grade security
By default, a virtual office has an encryption strength of AES-128.
For further information, see Change the encryption strength.
The following features have been added to the MDM module:
Admin users can now add applications to a device policy from the Coro console based on the app name.
Admin users can now mark a device as disenrolled from the Coro console. The device remains visible in the Devices list, but is no longer accessible or managed by Coro MDM.
Admin users can now permanently remove a disenrolled device from Coro MDM.
The following features have been added to the Connectors section of the console:
Coro now supports ConnectWise PSA integration. ConnectWise is used to map services (Coro modules and add-ons) and companies (managed workspaces) via a PSA connector in order to report workspace usage data.
For further information, see ConnectWise integration.
Version 3.1 introduces the following additional changes:
When content inspection is enabled, admin users can view sensitive data in the email content and findings sections of tickets related to User Data Governance. Sensitive data is data considered private or protected by law, policy, or contractual obligation.
When disabled, these sections display a message stating "Access to sensitive data is restricted" if they contain sensitive data.
Coro EDR now automatically decodes base64-encoded command lines displayed on the Telemetry page, rendering them understandable for admin users.
For Windows devices, when Tamper Protection is enabled, Coro EDR now safeguards against malicious attempts to disable the Windows Event Viewer, which is critical for gathering Windows event log EDR telemetry data.
If a device loses network connectivity or the Coro agent is inactive, Coro EDR now preserves your telemetry and process data. This saved data becomes accessible once the device re-establishes connection or the Coro Agent resumes operation.
The accuracy of IP geolocation has been improved for Access Permission and Suspected Identity Compromise tickets.
MSPs can now export the notification settings of their admin users to a CSV file. Each admin user sets their notifications from My Account -> Notifications.
Files with a comma in the file name sent through Secure Messages were not able to be downloaded. These files can now be downloaded.
When some special characters were entered in the search bar, an error message was received. Special characters can now be used without receiving errors.
This section describes the following additional agent updates that we are releasing with version 3.1:
The relevant agent must be updated on your device before changes take effect. The features described will not function until the updated macOS and Windows agents are installed. These are available on February 18, 2024.
macOS agent 3.1 releases February 18, 2024, and includes the following:
For further information, see macOS device USB lockdown.
For further information, see Tamper protection.
General bug fixes were made for this release.
Windows agent 3.1 releases February 18, 2024, and includes the following:
For further information, see Protection against disabling the Windows Event Log.
For further information, see EDR data safeguarding.
Improved detection scanning.
General bug fixes were made for this release.