Version 3.8.4 includes:
This section describes the new features added in version 3.8.4.
The following features have been added to the Cloud Security module:
MSP admin users can now view device and user protection limits, where configured, for child workspaces in the Global View workspaces list.
For more information, see Using list view.
The following features have been added to the User Data Governance and Endpoint Data Governance modules:
Admin users can now create User Data Governance access permissions policies based on user label.
For more information, see Setting access permissions.
As part of scheduled endpoint sensitive data scans, Admin users can now configure exclusions based on files or folders.
For more information, see Exclusions.
The following features have been added to the Email Security module:
Admin users can now enable real-time URL protection for emails received via Coro's Inbound Gateway.
URLs in received emails are scanned for threats and exchanged for safe links that, when clicked, provide continuous protection against malicious URL targets. Link protection persists after delivery, meaning Coro continues to check links for malicious content if a user revisits the email in the future.
For more information, see Real-time URL protection.
The following features have been added to the Network and SWG modules:
This release extends DNS filtering so admin users can now configure Coro to forward requests for internal or on-prem domains to their local DNS.
For more information, see Conditional forwarding.
The following features have been added to SAT:
This release adds NIS2 to the list of SAT regulatory compliance courses.
For more information, see Compliance training.
Admin users can now resend previously-assigned training courses to users.
For more information, see Retaking training courses.
During service activation, admin users can now select a random journey option so each enrolled user receives phishing simulations in a random order during their journey. This can help reduce cheating and mutual assistance between enrolled users.
For more information, see Activating SAT.
Version 3.8.4 introduces the following additional changes:
In previous releases, MSP admin users for inactive channel workspaces were prevented from managing descendant child workspaces due to the inactive workspace status. This release resolves this issue and enables those MSP admin users to perform relevant tasks in the Console's Global view pages.
This release improves the layout and appearance of the filter and search bar on all pages.
MSP admin users can now configure module availability in channel workspace subscription rules independently to bundles.
Previously, modules included as part of bundles were automatically available for workspace subscripions on an individual basis in parallel with the bundle. This release introduces stricter selection constraints such that modules must be explicitly allowed in channel workspace subscription rules to be available for descendant workspace subscriptions.
To learn more, see Managing workspace subscriptions.
The Contact user ticket action now sets the reply-to email address to the current admin user. This means recipients now have a named contact to which they can send replies.
To learn more, see Ticket actions.
Coro now displays security gaps in priority order, highlighting the most critical security issues first.
To learn more, see Security Gaps.
To better highlight the performance impact of regularly scheduled malware and sensitive data scans on endpoint devices, Coro now sets the default scan frequency to every 21 days. The frequency selector is now shown in reverse order, from least frequent to most freqent, to reinforce this.
To learn more, see Scheduled malware scans and Scheduling a sensitive data scan.
This release introduces a more consistent and clearer indication of agent version status on the Devices page, including whether released updates apply.
If Coro releases a new agent version to Beta or Release Candidate (RC) stage, enrolled endpoint devices now show an update as available instead of indicating the existing version is outdated.
Agents now show as pending if automatic updates are enabled and the device is in the queue for an update.
Agents only show as outdated if Coro has launched a new version as General Availability (GA) and the device is still running a previous version.
To learn more, see Agent update status indicators.
This feature requires endpoint devices running Coro Agent v3.8.5 and later.
Coro now monitors process-level network communications on endpoint devices to check for contact with known malicious IP addresses. The agent identifies malicious activity by referencing against an internal threat list, which is regularly synchronized from open-source threat intelligence lists.
A detection match triggers a new EDR ticket in the console, Process communicated with known malicious domain, containing the device and process identities together with details of the suspected malicious IP address.
To learn more, see Malicious process communications tickets.
Coro now blocks end users from repeat-reporting an email as phishing through the Outlook user feedback add-ins if the email is already in the "Suspected" folder (having already been reported).
To learn more, see Installing and using the Coro add-in for Microsoft Outlook 365.
In the Global Ticket Log, when an MSP admin user allows or blocks an email, Coro now offers the choice of list to which you want to add the email. Choose from:
- The global allowlist or blocklist affecting all descendant workspaces
- The local allowlist or blocklist for the affected workspace only
To learn more, see Allowlisting and blocklisting email senders.