Skip to content


Coro version 1.8 provides new features, enhancements, and fixes:

New features

This section describes the new features that we're releasing with version 1.8.

Disk encryption for macOS

Coro has updated the endpoint agent to support remote disk encryption on macOS systems, to be released in a future version.

Options for Coro agent updates

Workspace admins who wish to upgrade the Coro agent can now see a list of available Coro Agent builds from the Coro Console.

You can also see the release notes of each build, as well as the maturity status of each build, meaning: "BETA" or "STABLE".

For more information, see Agent deployment.

Open Zendesk tickets from Coro web console

You can now submit a Zendesk support ticket from the Coro web console. The support ticket form is pre-populated with the workspace ID and the email address of the console admin.


Following are enhancements to existing features that we're releasing with version 1.8:

  • More intuitive descriptions have been introduced for some ticket types in the ticket log:

    • For "Malware on Endpoint" tickets, the description is now: "Malware file has been detected and is being quarantined."
    • For the "Infected Process" ticket, it is: "Infected process has been detected and is being terminated."
    • For the "VSS Backup Protection" ticket, it is: "An attempt to delete VSS backup files has been detected and prevented."
  • We have added last seen and the serial device to the device details.

  • In data loss prevention (DLP) tickets of type PCI, PII, or PHI, the field File name is now displayed in the ticket log details.

  • All activity logs relating now only appear in the ticket log overview.

  • Endpoint vulnerability tickets are now listed per user, reducing the total number of related tickets.

  • All admins can now add symbols when using 2FA.

Miscellaneous updates

We've made many changes and improvements across the Coro Console, including fixes and enhancements to the UX, improved messaging, fixes to the sign-in flow for SSO users, additional allow-listed processes and other similar items.

Fixed issues

  • The number of Suspected Identity Compromise tickets that were generated by logins via API of third-party apps connected to Slack has been reduced.

  • Previously, for some detected viruses on Cloud drive, the ticket reported:

    Unknown {eventDetails.fullDetails.Detected by service}.

    Now, these appear as follows:

    "detectedByBitdefender": "Detected by BitDefender", "detectedByMicrosoftDefender": "Detected by Microsoft Defender", "detectedByBoxShield": "Detected by Box Shield",

  • Autocomplete in the Search field of the ticket log is now working as expected.

  • The VSS description in the console has been corrected.