v3.2 June 16, 2024

Version 3.2, a major release, includes:

• New features
• Enhancements
• Agent updates

Prerequisites

Before you can use the features and enhancements described below, you must update the relevant agent on your device. macOS/Windows agents 3.2 are generally available around a week later.

New features

This section describes the new features that we are releasing with version 3.2.

1. Coro console
   • MSP roles and permissions
   • Export to CSV
2. EDR
   • Allowlisting of process information within files and folders
   • MITRE information section added to EDR tickets
   • Ticket section added to the EDR Processes page
3. Network
   • Mobile device application
   • DNS filtering for Inclusive VPN
4. MDM
   • Support for Apple DEP enrollment
5. Connectors
   • Autotask PSA
6. Email security
   • New ticket type 'Suspicious Metadata'

1 - Coro console

The following features have been added to the Coro console:

1.1 - MSP roles and permissions

Coro is now introducing roles for MSP admin users at the channel and descendant workspace levels. You can assign granular permissions to each role. This helps businesses better align with compliance needs, manage roles in alignment with their internal policies and requirements, and better ensure operational efficiency and business continuity.

You can access MSP admin users roles and permissions through Control Panel -> Manage Workspaces. Coro has three predefined roles, which can’t be edited or deleted:

• MSP Viewer : Can view content.
• MSP Administrator : Can view and edit content.
• MSP super admin : Can view and edit content. Additionally, MSP super admins can reassign roles to MSP admin users and admin users.

Additionally, custom roles can be created for MSP admin users, with permissions tailored to those users. Permissions are categorized into the following options:

• No Access : The MSP admin user cannot see or interact with the section.
• Can View : The MSP admin user can see the section but cannot make changes.
• Can Edit : The MSP admin user can view and make changes to the section.

For more information, see Managing MSP roles and permissions.

1.2 - Export to CSV

An Export to CSV function has been added to the:

• Devices view’s Bulk Action
• Tickets view’s Bulk Action
• Activity Log page
• Protected users list

2 - EDR

The following features have been added to the EDR module:

2.1 - Allowlisting of process information within files and folders

Process and telemetry information in files and folders can now be excluded from collection by the Coro Agent.

For more information, see EDR allowlist and blocklist.

2.2 - MITRE information section added to EDR tickets

EDR tickets now include a section displaying specific techniques and tactics from the MITRE ATT&CK framework associated with the security incident.

For more information, see EDR tickets.

2.3 - Ticket section added to the EDR Processes page

Processes on the EDR Processes page now list all open EDR tickets associated with each listed process.

For more information, see EDR processes.

3 - Network

The following features have been added to the Network module:

3.1 - Mobile device application

The Coro Endpoint Protection app enables VPN protection on iOS and Android.

For more information, see Introducing the Network module.

3.2 - DNS filtering for Inclusive VPN

DNS filtering is now available on both the Inclusive and Exclusive VPNs.

For more information, see Secure Web Gateway.

4 - MDM

The following features have been added to the MDM module:

4.1 - Support for Apple DEP enrollment

Coro MDM now supports enrollment and management of iOS devices configured and deployed through Apple Device Enrollment Programs (DEP). Specifically, Coro supports Apple Business Manager (ABM) and Apple School Manager (ASM) programs.

4.2 - Improved UI/UX

Coro MDM includes an improved and redesigned user interface.

5 - Connectors

The following features have been added to the Connectors section of the console:

5.1 - Autotask PSA

Coro now supports Autotask PSA integration. Autotask is used to map services (Coro modules and add-ons) and accounts (managed workspaces) via a PSA connector in order to report workspace usage data.

For more information, see Integrating with Autotask PSA.

6 - Email security

The following features have been added to the Email Security module:

6.1 - New ticket type Suspicious Metadata

Coro now identifies and quarantines emails containing metadata considered potentially malicious.

For more information, see Suspicious Metadata.

Enhancements

Version 3.2 introduces the following additional changes:

1. Support additional entries in the SWG allowlists and blocklists
2. New DNS filtering blocklist
3. Activity logs for Network module
4. Add a single user to access permissions
5. US state level for access permissions
6. Device posture activity log improvements
7. EDR information added to reports and managed service notifications
8. Enhanced email phishing detection

1 - Support additional entries in the SWG allowlists and blocklists

Wildcards, IP ranges, and subnets can now be added to allowlists and blocklists of DNS filtering.

2 - New DNS filtering blocklist

There is now a DNS filtering blocklist for adult content.

3 - Activity logs for Network module

Activity logs are now available for actions taken in the Network module.

For more information about the logged activities, see Activity logs.

4 - Add a single user to access permissions

It is now possible to enable access restricted to individual users.

5 - US state level for access permissions

It is now possible to enable access restricted to named US states.

6 - Device posture activity log improvements

The activity logs for device posture have been updated to enhance user-friendliness and support updates in policy logging, such as device label removal.

7 - EDR information added to reports and managed service notifications

The daily Coro email report now includes counts of opened and resolved EDR tickets.

8 - Enhanced email phishing detection

Coro's phishing detection and response architecture has been improved to enable Coro to respond to new types of threats even faster than before.

Agent updates

This section describes the following additional agent updates that we are releasing with version 3.2:

• macOS agent 3.2
• Windows agent 3.2

Prerequisites

The relevant agent must be updated on your device before changes take effect. The features described will not function until the updated macOS and Windows agents are installed. These are generally available around a week after the release.

1 - macOS agent 3.2

macOS agent 3.2 includes the following:

1.1 Silent Agent updates

The Coro Agent now supports silent updates, requiring no user interaction.

1.2 Multi-user support

The Coro Agent now supports multi-user functionality on macOS devices, ensuring seamless UI and information collection across different user accounts, including during fast user switching.

1.3 Agent UI improvements

Improvements have been made to the Agent update UI.

1.4 - Bug fixes

General bug fixes were made for this release.

2 - Windows agent 3.2

Windows agent 3.2 includes the following:

2.1 - Integration with NinjaOne RMM

The Coro Agent now supports integration with NinjaOne remote monitoring and management (RMM).

2.2 - Coro registered as an authorized Windows Security Center provider

Coro is now registered as an authorized provider in the Windows Security Center (WSC) and is the primary antivirus (AV) software for the device. After Coro is registered as the primary AV software, WSC disables Windows Defender on the device.

2.3 - Bug fixes

General bug fixes were made for this release.