New in 2022.4: Endpoint Detection and Response Beta with deep threat insights

This release represents a major step forward for our Endpoint Detection and Response (EDR) solution, which now provides deep threat insights that enable you trace the origin of a malware attack. You can browse through the entire process tree that led to the execution of the malware, and easily see all file and registry modifications.

Extended MITRE ATT&CK malware behavior patterns

The new extended process activity analysis feature also provides support for a wide range of MITRE ATT&CK patterns that detect and highlight potential threats, providing you with complete control over the response. With a single click, you can either block and quarantine a threat across all devices in your workspace, or whitelist a specific file to avoid future alerts.

EDR availability

The new advanced EDR functionality is available to all users of Emsisoft business and enterprise solutions. While Emsisoft Business Security includes activity logs relating only to impacted process chains only, Emsisoft Enterprise Security users will benefit from full insights into to all processes.

If you’d like to be one of the first to test out the new threat hunting capabilities, you can enable the new EDR functionality in your protection group policies or in individual device settings in Emsisoft Management Console. Go to MyEmsisoft

Please note that Emsisoft EDR is currently in beta and under active development, which means certain functionality may not yet be available and some stability issues may be encountered. Because of this, we recommend that the beta not be used in production environments and only by users who are comfortable restoring their systems from backups. Our developers keep improving the product and you will notice ongoing improvements.

Cost

We’re pleased to announce that Emsisoft EDR will not be an expensive add-on, but will instead be included with all Business Security and Enterprise Security licenses as standard.

Compare Emsisoft license plans here

Note: If you’re a user of the Home edition or a legacy Emsisoft Anti-Malware edition and would like to use the new advanced EDR features, please consider an upgrade to our business solutions. Check out the ‘Settings’ panel in your workspace for available upgrade options or get in touch with our support team.

All 2022.4 improvements in a nutshell

Device protection (desktop)

• New EDR deep threat insights.
• Added EDR and Content Filtering status labels on overview screen of Business/Enterprise editions.
• Improved readability of notification popups.
• Several minor tweaks and fixes.

Management console (web app)

• New EDR deep threat insights.
• New MITRE ATT&CK patterns added.
• Several minor tweaks and fixes.

How to obtain the new version

As always, so long as you have auto-updates enabled in the software, you will receive the latest version automatically during your regularly scheduled updates, which are hourly by default.

Note to Enterprise users: If you have chosen to receive “Delayed” updates in the Update settings for your clients, they will receive the new software version no earlier than 30 days after the regular “Stable” availability. This gives you time to perform internal compatibility tests before a new version gets rolled out to your clients automatically.

Have a great and well-protected day!