Description

Product updates for July 2025

Please note that some of these features are being enabled gradually.

Avanan:

Real-Time Alerts on Leaked Credentials Now Available in Avanan

Avanan now introduces real-time monitoring and alerting on corporate credentials leaked to the dark web with the newly introduced External Risk Management (ERM) add-on.

While Avanan already prevents email-based attacks like phishing, business email compromise, and malware, credentials can still be compromised through external means - malware infections, password reuse, or third-party breaches. The ERM add-on fills that gap, enabling early detection and fast remediation when corporate credentials surface on the dark web.

With the newly introduced ERM add-on, security teams gain three key advantages:

Stay ahead of attackers – Receive immediate alerts when employee credentials are found on the dark web, allowing you to take action before those accounts are exploited.

Instant remediation – Reset passwords or block compromised users with a single click, directly from the Avanan dashboard.

 Consolidation – Access dark web intelligence alongside email threat prevention in one consolidated platform, simplifying security operations and response.

This is an add-on feature available for purchase. Interested customers should click Request Activation under Add-on Store > Leaked Credentials

Branded Headers Now Available in Security Awareness Training Notifications

Avanan now allows administrators to add branded headers to email notifications sent as part of the Security Awareness Training experience.

As part of Avanan's Security Awareness Training offering, end users receive email notifications from time to time - for example, reminders to complete assigned training modules. These messages are crucial to ensuring consistent engagement, but they can sometimes be overlooked or mistaken for phishing attempts.

To help build trust and improve recognition, administrators can now add a branded header to these notifications. The branding shown in the header reflects the organisation’s existing customisation settings under the Global Settings for Security Awareness Training, ensuring a consistent and familiar experience for end users.

To enable this feature, go to:
Security Training > Policy > Global Settings > Add branded header to email notifications, and select Yes.

New Security Awareness Training Modules Now Available in Avanan

Avanan has released 3 new training modules to help organisations strengthen their user-level defenses against common cyber threats.

The new modules focus on targeted attack vectors and day-to-day risks that often lead to data breaches, providing users with practical knowledge and interactive content designed to improve security behaviors.

The newly introduced modules are:

• Spear Phishing & CEO Fraud - educates users on how to identify and respond to impersonation attempts and executive fraud tactics.
• Malware Awareness - covers the risks of malware-laden emails and how to avoid triggering infections through common user actions.
• Removable Media & USB Device Safety - highlights the dangers of plugging unknown or unauthorised devices into corporate machines and how to mitigate those risks.
• Email and Attachment Safety
• Protecting Personally Identifiable Information (PII)
• Incident Reporting & Response Basics

Each module is designed to be concise, engaging, and easy to deploy as part of your ongoing Security Awareness Training campaigns. By incorporating real-world scenarios, the training helps reduce user susceptibility and supports your broader security posture.

Add Notes to Security Events and Enjoy Smarter Filtering on the Events Page

Avanan introduces two usability enhancements that make investigating and managing email security events faster and more intuitive.

Security teams reviewing events in the Events page can now add personalised notes to any event. This is especially useful for tracking investigation status, referencing ticket numbers, or sharing important context with teammates - directly within the event timeline.

To add a note, click the three-dot menu next to the relevant event and select Add Notes. Notes are saved with the event and visible to all Avanan users in the portal.

In addition, the Events page now offers a smarter filtering experience. The most commonly used filters are displayed by default, streamlining everyday investigations. You can also click Add Filter to access the full list of available filters and quickly refine the event list based on specific attributes.

New Manager Alert for Encrypted Attachments Sent to External Recipients

Avanan now allows administrators to automatically alert an employee’s manager when the employee sends a password-protected attachment to an external recipient.

This new alert option is available in all DLP policies, regardless of the selected workflow. It gives managers visibility into potential data exfiltration attempts and possible violations of corporate policy, by flagging cases where encrypted attachments are sent outside the organisation. The alert is fully customisable to match internal communication and escalation preferences.

To enable the feature, open the relevant DLP policy, scroll to the Alerts section, and check the box labeled Alert the user manager for password protected attachment.

Enhanced DLP Precision: Granular Matching and Regex Validation

Avanan now introduces two new features that allow administrators to define DLP policies with greater accuracy and intent.

DLP policies must be precise and tightly scoped. Overly broad detection can generate false positives, which not only disrupt legitimate business communication but also burden helpdesk teams with avoidable support tickets. To prevent this, it's essential that DLP rules reflect exactly what needs to be protected, and where.

The first enhancement gives administrators control over where a data type is matched in the email. Instead of scanning the entire message, you can now specify if a data type should be detected only in the subject, body, or attachments. For example, some patterns might indicate sensitive data only when found in attachments, and would otherwise create unnecessary alerts. This selective matching reduces noise and helps enforce policies that are aligned with business logic.

The second feature improves how data types are defined using Regular Expressions. False positives often result from overly broad or untested patterns. To help with this, Avanan now validates the syntax of regex-based data types and allows administrators to test them on sample strings. This makes it easier to confirm that the regex catches what it should - and only what it should - before enforcing it in production.

To configure these capabilities:

• Match Location: When editing a data type, scroll to the Match on section and select the relevant parts of the email to scan (subject, body, or attachment). 
• Regex Testing: For regex-based types, check that the Valid Regex label is shown. Then click Click here to test your regex and input example strings to confirm matching behavior. 

Automatically Assign Training to Users That Repeatedly Fail Phishing Simulations

Administrators can now automate the delivery of Security Awareness Training to users who demonstrate lower cyber awareness by repeatedly failing phishing simulations.

Security Awareness Training is most effective when it's timely and relevant. Avanan now introduces a powerful automation feature that assigns the Phishing Awareness training module to users who repeatedly fall for phishing simulations.

Admins can define how many consecutive failures will trigger the training, how long the user will have to complete it, and which users the policy applies to. This ensures that training is targeted to those who need it most, reinforcing cybersecurity hygiene without adding manual overhead.

To set up automated training assignments, create a Security Awareness Training policy and navigate to Phishing Simulation > Action on Failure to configure the relevant parameters.

New Mail Explorer Filters to Refine Searches for Quarantined and SAT-Related Emails

Avanan introduces two new filtering capabilities in Mail Explorer that help security teams quickly find the emails that matter most.

These enhancements simplify investigations by allowing analysts to exclude irrelevant results and identify simulation emails from Check Point’s Security Awareness Training campaigns.

With the updated Quarantine State filter, you can now exclude emails that were already released when searching for quarantined messages - whether they were quarantined by Check Point or Microsoft. This helps reduce clutter and focus investigations on unresolved cases. Additionally, a new Detection filter lets you search for emails generated by Avanan's Security Awareness Training, including phishing simulations, feedback messages, and training notifications - making it easier to track campaign engagement and impact.

To exclude released emails:
In Mail Explorer, under the Quarantine State field, select Quarantined for either Check Point or Microsoft, then disable the Include Restored toggle.

To filter for awareness training emails:
Use the new Detection filter and select the relevant category. 

Dropsuite:

End-User portal role accessibility improvement

Groups & Teams backup access is now more precise, and each role gets the appropriate permissions

New retention support for OneDrive

Your OneDrive data is now protected by the same retention rules as your other workloads.  This gives you more coverage and a consistent experience across workloads in the portal

Bug Fixes

Calendar backup failure: The system was unable to get a backup delta, which was fixed by adjusting the code so the backup runs normally
Shared mailbox pending backup: An inaccessible API endpoint caused the pending backup. The system resumed normal operations after switching from calling the API to the M365 user ID.

Inconsistent QBO search result: Multiple search requests were being triggered before the previous search completed. This was solved by implementing API timeout configuration, blocking UI during search, and improving UI for better clarity.

MPaware:

Various Fixes to Improve Stability, Scalability, and Security

• Our team has been diligently executing backend updates to enhance your platform experience, as well as that of your users. These efforts were primarily focused on improving reports and email templates.

• These updates were designed to provide a smoother, more stable experience for administrators and end users alike.

Catch Phish now available via Microsoft

We’re excited to announce that Catch Phish is now available in the Microsoft App Store, making it easier than ever for you to deploy and manage phishing training for your clients.

How This Helps You Support Your Clients:

• Keep Clients Up to Date
  By deploying Catch Phish from the Microsoft App Store, you can ensure your clients always have the latest version, without the need for manual updates or redeployment. It’s a simple way to ensure they stay current with the latest features and training improvements.
• Save Time on Installations and Maintenance
  No more XML sideloading or repeat deployments. The App Store version simplifies setup and future updates, freeing your team to focus on higher-value work.
• Simple Switch, Smoother Management
  If you previously deployed Catch Phish using an XML sideload, that version needs to be removed before installing via the App Store. It’s a quick one-time change that makes future management easier and more efficient.

Guardz:

New Guardz Agent Uninstallation Flow

Caution Banner Customisation