Description
Product Updates for April.
Please note that some of these features are being enabled gradually.
Updates:
Avanan:
Hide Block-Listed Emails from End Users
- Avanan now gives administrators control over the visibility of block-listed emails in end-user portals and quarantine digest emails.
- Avanan now introduces a new control that allows administrators to completely hide block-listed emails from both the end-user portal and daily quarantine digest.
- This gives security teams more flexibility to:
- Minimize user exposure to messages already classified as high-risk or irrelevant.
- Reduce user confusion and support requests.
- Align email visibility policies with organizational risk tolerance.
- How to Configure:
- Go to Security Settings > User Interaction > Quarantine > End User Permissions > Block Listed Emails and check or uncheck Include block-listed items in digest and portal.
Exclusions for the Email Bomb Prevention Workflow
- Selected mailboxes can now be excluded from the Email Bomb prevention workflow.
- An Email bomb attack is a social engineering attack that is designed to flood mailboxes with unwanted emails – usually subscription confirmations to newsletters the user never signed up for.
- To detect Email Bomb attacks and trigger the Email Bomb protection workflow, Avanan looks for mailboxes that receive many emails in a short period of time from a sender that never before sent them an email.
- While this protection catches all Email Bomb attacks, it may falsely flag mailboxes that often receive legitimate emails from first-time senders. A common example is mailboxes such as support@company.com
- Avanan now supports excluding specific mailboxes from the Email Bomb protection workflow.
- To configure this, go to Security Settings > Security Engines > Anti-Phishing > Configure and type in the excluded mailboxes – comma-separated - in the Email Bomb – Excluded addresses field.
New Graymail Workflow: Deliver to Inbox with a Subject Prefix
- A new Graymail handling option that allows messages to be delivered to the inbox with a customizable subject prefix. Helping you recognize promotional content at a glance.
- Graymail refers to messages users technically opted in to—like newsletters, promotional offers, or notification emails—but often don’t consider critical to their daily work. While not harmful, these emails can clutter inboxes and reduce productivity. To help organizations manage Graymail more effectively, Avanan recently introduced workflows to move these messages into a dedicated folder. Now, we’re expanding those options.
- With this new workflow, Graymail messages can be delivered directly to users’ inboxes and clearly labeled using a configurable subject prefix—such as [Promotional]—so users can quickly identify and filter them as needed.
- How to enable
- Create or edit a Threat Detection Policy.
- Under the Graymail workflow setting, select Add [Promotional] to subject.
- (Optional) Customize the prefix text to match your organization’s preferences
- Note: This feature is currently supported for Microsoft 365 Mail only. Support for Gmail is coming soon—stay tuned for more updates.
Faster Triage with New Filters in Phishing Reports and Restore Requests Dashboards
- New filters to the Phishing Reports and Restore Requests dashboards have been added to help security teams locate and respond to end-user submissions faster and more efficiently.
- Restore Requests table now includes filters for:
- Action by – who took action on the request
- Action justification – the reason behind the decision
- Action time – when the action was taken
- Phishing Reports table now includes filters for:
- Action by
- Action justification
- Reported by – the reporting end user
- Action time
DMARC Management: Actionable Recommendations for Each Failing Sending Source
- Avanan now simplifies DMARC troubleshooting by displaying a clear, concise summary of failure reasons for each sending source, along with a specific, actionable recommendation for remediation. This eliminates the need for time-consuming investigation and guesswork
- To access these insights, just click on any sending source in the DMARC dashboard that shows failure activity.
Enhanced Mobile Experience for End Users
- The daily quarantine digest and end-user portal are now fully optimized for mobile viewing, making it easier than ever to manage quarantined emails on the go.
- With this update, both the quarantine digest email and the end-user portal have been redesigned for a mobile-friendly experience - whether users are commuting, traveling, or simply away from their desktop.
MPaware
Microsoft Teams App Rebrand to Breach Secure Now
- As part of MPaware's brand evolution to bring PII Protect under the unified Breach Secure Now (BSN) umbrella, the Microsoft Teams App has been rebranded to Breach Secure Now, with an updated app icon to match.
- No action is required on your part for the Teams app transition. If you do not see the rebrand right away, please allow up to 24 hours for it to display.
Guardz
Pre-Built Phishing Templates
- New phishing simulation templates are now available in the Security Awareness Training (SAT) module
- This includes a wide range of pre-built phishing templates to simplify the launch of realistic simulations. Such examples include impersonations of popular services such as AWS, Azure, Google, Microsoft 365, and more..
- Simulation emails are sent from domains aligned with the impersonated brand, enhancing realism and increasing training effectiveness.
Compliance Evidence Mapping (Beta)
- A new feature is coming soon!
- The purpose of this is to help streamline audit preparation and support compliance reporting. Available in the Single Customer View, it provides per-customer visibility across frameworks like SOC 2, ISO 27001, HIPAA, and GDPR, with a structured overview of mapped security controls, their issue statuses, and exportable evidence - all in one place.
- Key Functions Include:
- Framework Selection - Choose a compliance framework and view its specific requirements.
- Mapped Security Controls - Understand which Guardz modules apply to each requirement.
- Issue Status Bar - Get a visual overview of open, in-progress, and resolved issues.
- Evidence Exports - Download available CSV files for both configuration and detection data.
- You can also jump directly to the Issues page, pre-filtered by control and status, for deeper investigation.
- Available in Single Customer View for all frameworks mentioned above.
- All Guardz modules are included in the evidence mapping.
SentinelOne Console User Management
- Prerequisites: Ultimate Plan with SentinelOne EDR
- SentinelOne Console User Management empowers Guardz admins with control over who has direct access to their SentinelOne console.
- Console User Management includes the ability to add, delete, reset passwords, and resend onboarding emails. Console Users are created from the MSP (All Customers) view in the Security Controls and let's the admin choose the access scope to an Account (All Customers) or by selecting one or more Sites (customers).
- Console Users may require direct access to the SentinelOne console for various functions that are not available in the Guardz platform as of April 2025:
- Investigate a threat with process details and storyline visualization
- Manually create and manage hashes in the blocklist
- Manage S1 predefined exclusions
- Remove a file from Quarantine (after issue is closed in Guardz)
- Create & manage SMTP, Syslog and SSO
- Generate S1 reports and schedules
- Vulnerability Management (apps with known CVEs and outdated software)
- Network Discovery
- Modify firewall control settings
- Configure email notifications