Description


Product Updates for July.


Avanan:

Enhanced Granularity of Custom Queries:

  • Users can now search for emails using multiple values in the same query field and select AND or OR operators between conditions in the same field.
  • Avanan now enhances Custom Queries with these capabilities:
    1. Many search values in one query - For fields that include free text input, you can now paste long lists of up to 200 values.
      To do that, select one of the new available conditions (Contains Any, Matches Any, Exclude Contains, and Exclude Match), click on the list icon and paste the desired list of values - one value per line)
    2. Multiple search conditions for the same field - when filtering based on a field, you can easily define multiple conditions to fine tune your search.
      To do that, click on + Add one more and add the new condition.
      You can control the operator (And/Or) between each condition by selecting from the drop down menu.

Custom Sender for End User Restore Request Notifications

  • Administrators can now customize the sender address, From Name and Reply-To address of end user notifications related to submitted restore requests.
  • To enable this: Go to Security Settings > User Interaction > Quarantine > Restore Request Feedback and customize the different parameters.

    Note that you will only be able to select an address whose domain is one of the domains in your Microsoft / Google account.

     

Additional Workflow for Inbound DLP

  • Administrators can now select to quarantine inbound emails that violate the DLP policy without notifying end users - This means that you can set it so that only administrators are informed about the violations and are able to restore these emails.
  • To enable this, go to the Office 365 Mail DLP policy, select the Inbound direction and select the new workflow: Email is blocked. User is not alerted (admin can restore)



Enhanced Prevention for Threats from Compromised Accounts

  • Avanan can automatically block all outgoing emails from accounts detected as compromised.
  • To automatically block all outgoing email traffic from compromised accounts, go to Security Settings > Security Engines > Anomaly Detection > Configure and check the Add Anti-Phishing block list for outgoing emails under the Compromised accounts and/or Suspected compromised accounts workflows.

Enhanced Security for Actions taken by End Users

  • End users are required to authenticate before taking actions from email notifications
  • They will be required to enter their email address and type in a one time passcode that will be sent to their mailbox.
  • This process will need to be done only once every 30 days.
  • In the near future, administrators will be able to extend or shorten the duration for which a single authentication will be valid for.


AI Assistant - Email Search Powered by Generative AI 

  • Administrators can now filter through emails using native language prompts.
  • To access the AI Assistant, go to Mail Explorer, click on the AI Assistant button and type in your prompt.
  • The AI assistant allows your search to be based on many fields, more than the ones visible in Mail Explorer and even in Custom Queries.
  • The AI Assistant is fully hosted in the Avanan cloud, restricted to the region of your Avanan portal. No information or prompts are shared outside your Avanan infrastructure.

    Note – this feature is being deployed gradually. You should see it in your portal within the next 2 months.


Hiding the Original URL from Re-Written URLs

  • Avanan can hide the full path of the original URL from end users to prevent them from bypassing URL security.
  • Avanan now allows obfuscating the full path of the URL, leaving only the URL domain visible.
  • To obfuscate the full path of the re-written URL, go to Security Settings > Security Engines > Click-Time Protection > Configure > Re-written URL and select the only original URL domain… option

Enhanced Retention for Emails Quarantined by Microsoft

  • Emails quarantined by Microsoft are now retained for a longer period of time than Microsoft’s retention and this duration can be configured.
  • Since Microsoft’s maximum retention period of quarantined emails is between 15 and 30 days, some customers don’t get to handle the restore requests on time. Avanan now allows storing emails quarantined by Microsoft for up to 180 days, giving teams plenty of time to get to the restore requests.
  • Administrators can customize this period to be shorter, if there is a compliance requirement mandating them to do so.
  • To customise these settings: Under System Settings > Customisation > Retention Setting > Email Retention Settings > Select Custom to edit. 

Automated Handling of Emails Reported as Phishing by End Users

  • A new set of workflows to automatically respond and remediate end user reports on phishing emails.
  • Avanan now allows administrators to set automated workflows to cut 90-100% of time spent on this task.
  • Every time a user submits a phishing report, Avanan re-evaluates the email, using updated reputation, updated security engines and with the report as an additional indicator for the AI. The result is a re-evaluated verdict - clean, phishing or inconclusive.
  • To do that, go to Security Settings > User Interaction > Phishing Reports > Reviewing phishing reports, select one of the preset automation levels and - if needed - customize the workflows and notifications.


Keep Promotions (Graymail) Emails in a Separate Folder

  • A new set of workflows for Graymail, including a workflow to move them to a dedicated folder under the users’ Inbox.

  • Avanan now allows organizations using Microsoft 365 Exchange Online to automatically move these emails to a dedicated folder. This folder will be created and maintained by Avanan, so that all employees know exactly where to find the emails.

  • To do that, use the new Graymail workflow under the Threat Detection policy and select the Email is allowed. Deliver to a dedicated folder option.


MPmail

Control Panel Updates:

  • Enhancements In the “General Settings” tab under “Security Settings” > “Spam and Malware Protection”, new infomail filter options for social media notifications, purchase notifications and travel notifications can now be applied.


Dropsuite 

AutoDiscover for M365 SharePoint Backup

  • Enhanced the AutoDiscover feature for M365 SharePoint backup, offering modularity in backups. Users can now choose to enable AutoDiscover or back up only selected SharePoint sites.
  • There is now an additional step, “AutoDiscover Setting,” when adding in an M365 backup. There are two methods for M365 backup: using Global Admin or Service Principal.
  • The AutoDiscover Setting includes two features for M365 backup: AutoDiscover and SharePoint Site backup exclusion. These features are independent, so users can exclude SharePoint Sites without enabling AutoDiscover. 


  • How do you enable SharePoint AutoDiscover?
    • To enable SharePoint AutoDiscover, which automatically detects and adds new sites to the backup, follow these steps:d

    • During M365 Authentication:

      1. Locate and turn on the AutoDiscover toggle (as shown under "Adding a new M365 Backup" section above).
      2. Confirm by clicking the "Continue" button in the pop-up confirmation.


  • How do you exclude SharePoint Sites? 
    • This process excludes specific sites from being identified by AutoDiscover and automatically added to the backup.

      During Initial Setup:


      1. Find SharePoint exclusion in step 3 of the AutoDiscover Settings.
        Note: The SharePoint exclusion and AutoDiscover features are independent. You can exclude SharePoint sites without enabling AutoDiscover.

      2. Select which sites to exclude from the backup.
      3. Click the Exclude button in the right-side drawer.
      4. Click the Finish Setup button.


Guardz

Email File Type Filtering

  • An enhanced email filtering to block or allow specific file types per customer.
  • This new management capability can be found in the Security Controls > Email Protection > Block List.
  • Key Highlights:

    • Customizable File Type Blocking: Users can now block or allow specific file types, such as WAV files. This allows organizations to tailor their email security policies to their customers' unique needs.

    • Advanced Management Options: Under the Security Controls -> Email Protection section, administrators will find additional management options to configure these settings. This ensures a streamlined and efficient process for updating email scanning rules.

    • Global and Per-Customer Control: This feature is manageable at the global MSP level, providing a default set of rules for all customers. However, administrators can override these settings on a per-customer level, allowing greater flexibility and customization.

  • Benefits:

    • Enhanced Security: By blocking potentially harmful file types, organizations can reduce the risk of email-based attacks.

    • Greater Control: Tailor email scanning rules to specific organizational needs, enhancing overall email security management.

    • Simplified Management: Centralized management options make it easy to implement and adjust policies.



Beta Release: SentinelOne Integration

  • This is a Beta release and will allow for a SentinelOne Integration in the portal.
  • This initial collaboration will allow MSPs to bring their own S1 Singularity Endpoint licenses and integrate via API directly into Guardz.
  • SentinelOne NGAV, EDR and EPP detections will now appear directly as Guardz issues and threat responses can be facilitated through Guardz remediation workflows.  This means that MSPs can manage their endpoints within the Guardz platform in a simplified manner, and benefit from the Guardz ability to connect the dots across devices, users, data, cloud and more.



Improvements

  • Detection Alert Redesign
    • We are pleased to introduce a significant redesign of our email alerts for new Detections. This update brings several enhancements aimed at improving the clarity, relevance, and overall user experience of these notifications.
      • Enhanced Focus on Detection Severity: Alerts now emphasize the severity of detections, helping users prioritize their responses effectively.
      • Detailed User and Device Involvement: Alerts include detailed information about the users and devices involved, aiding in understanding the problem's scope and taking appropriate action.
      • Coming Soon: Stay tuned for upcoming upgrades to other email notifications, with similar improvements in design, clarity, and functionality.
    •  

    • Hide Demo Data
      • A new "Demo Data" toggle button has been added to the customer page to allow admins to hide or show demo data more easily.
        • MSPs can now use the demo data to showcase the platform's capabilities without exposing real customer data, providing a secure and effective sales tool.

      • When demo data is hidden, it is excluded from the aggregated counts to ensure accurate reporting