A short video on the Universal Syslog Connector is now available to watch at the following link:https://download.webroot.com/SysLog_Connector/Documents/WUSC-11%202.mp4 The video quickly covers:Getting started Demonstration of events being fed to a SIEM
The Webroot ™ Universal Syslog Connector is now released and available for immediate download. It can be downloaded at the following link:https://anywhere.webrootcloudav.com/releases/universalsyslogconnector/Webroot.UnityAPI.LogBridge.zip Hash Values for download integrity check:Algorithm : SHA1Hash : 693AF25498CBB7E9C119AFEB9069E609F7179E0C Algorithm : SHA256Hash : 1609789A6E24F001E117960BA63242ECDAC4EF1D044FDE06E68CD50A7F2E1B84 About the Universal Syslog ConnectorThe Universal Syslog Connector supports event forwarding to Syslog Servers.Leveraging the power of Unity API, Event Notifications can be passed in near Real-Time to Syslog Servers used by SIEMs, SOC’s and MSSPs.More information is contained within the download package.
New Console OverviewOn April 27, Webroot will introduce the first version of a brand-new, cloud-based management console design based on extensive research conducted along with our managed service provider (MSP) and small and medium-sized business (SMB) customers.Because we are moving from an old to a brand-new platform, we cannot provide any transitional stages that would allow us to grant early access. The new platform is designed to be more intuitive and even easier to use, so we anticipate those using the old console will find the transition straightforward.There are two versions of this console:A multi-tennant design specifically enhanced for the needs of the MSPs A standard business console designed to be easy to use for SMBsThe capabilities and functions of these two consoles are functionally similar other than necessary design differences for managing multiple Clients versus managing a single business.Why the change?Our original console was developed more than ten years ago for the Webroot SecureAnywhere® Business Endpoint Protection solution. Since then many things have changed. We have added Webroot® Security Awareness Training and Webroot® DNS Protection to the console, and more additions are on the way. This move was necessary for us to be able to innovate more rapidly and to continue to provide best-of-breed technology for SMBs and MSPs. A new UI/UX and platform infrastructure was also needed to respond to an increasingly sophisticated IT security market.Key console improvements:A new look and feel featuring a cleaner, more contemporary design. It’s responsive and intuitive enhancements were made based on customer research and now uses standardized iconography and terminology. Improvements to system status, actionable remediation workflows, granular visibility, and user error prevention, by addressing known administrative pain points including: Site-to-site navigation Needs Attention actionable from Sites list Delete Site workflow Refined footer Unsaved changes loss prevention Faster UI/UX design changes and improvements Quicker introduction of new features and capabilities now and in the future.Webroot® Security Awareness Training:Console feature parity means that all improvements and developments made within the multi-tenant console are now available in the new console. Distribution Lists and Granular Targeting offer support for creating distribution lists and targeting them with training from the new Webroot management console.New features in this releaseNew Console UI/UX The new UI/UX introduces a new look and feel with a cleaner, more contemporary design and a collapsible left-hand navigation. Moving the navigation makes the UI/UX more intuitive and allows us to more easily add additional cyber resilience solutions in 2021. Webroot Business Management Console (MSP version) new UI/UX Needs Attention Simplification The ‘Needs Attention’ now navigates straight to the the actionable list with a single click, improving the navigation to detected threats and enabling remediation actions in one place for improved efficiency. (MSP version) Needs Attention Start PointOne Click to go to infected endpoint and selecting the endpoint(s) gives immediate access to Agent CommandsSite-to-Site Navigation Site-to-site navigation is now available without returning to the Sites list page, removing the drilling in and out of the Sites page and enabling much faster lateral navigation between sites. Instant site to site navigation through the Site: dropdown menuUnsaved Changes Enhancements To counter not saving changes we have addes a Cancel or Save footer. If these actions are ignored or missed, an unsaved changes reminder prompts the administrator to complete them. New fixed footer in Policy sections to stop saving errorsNew unsaved changes reminder if an Administrator tries to leave without saving Adminstrator Status Enhancements To improve visibility for administators, a new Admins page discplays account type, admin-to-admin navigation, site permissions, sorting and search. This reduces sub-navigation within the Admin list and other Admin-specific areas. It also provides easier management of site permissions through sorting by site permission type and search field. New Admins page for better visibility and easier Admin managementDeleting a Deactivated Site Deleting a deactivated site no longer requires the involvement of Webroot Support. This action is now available in the console. However, it is crucial to note, that once a decactivated site is deleted it CAN NOT be restored once deleted. Super Admins can now delete a Deactivated SiteIMPORTANT - once a Deactivated Site is deleted it cannot be recovered or restoredSecurity Awareness Training – Distribution Lists with Granular Targeting Users now have the ability to easily create distribution lists and to target each with different or common training materials. This allows administrators to segment and more effectively administer the right training to the right person at the right time. MSPs can also do this from the multi-tenant console, saving time when managing training for multiple clients. Easily create training distribution lists to segment or globally train different users
Webroot uses a gradual rollout method for all Webroot Business Endpoint Protection agent releases. As such, you will not necessarily receive the update on the same date and time it is released. Agent changes in PC build 220.127.116.11 (Release starting September 1st, 2020) Fixed: Compatibility issue with Malwarebytes Anti-Exploit and Internet Explorer. Fixed: Possible agent crash at time of shutdown Added: Componentinstall.log and ComponentUninstall.log for new MSI installed components. These files will be in %programdata%\WRData.
Webroot® DNS Protection has joined Microsoft, Google, and Mozilla by officially supporting DNS over HTTPS (DoH) to help businesses and MSPs protect their users better than ever before. With our latest enhancements, Webroot DNS Protection now combines the privacy benefits of DoH with the security benefits of DNS-layer protection powered by Webroot BrightCloud® Web Classification intelligence. Highlights in this release include: NEW: Webroot DNS Protection now processes DoH requests natively New features in this release Privacy and Security with DNS over HTTPS (DoH) DNS has been around since 1983 and has worked brilliantly at resolving all internet domain requests for both IPv4 and the newer IPv6 address spaces. However, DNS was not built with privacy or security in mind, as it communicates all requests in clear text. To make DNS more secure for users, the new DoH protocol encrypts the requests using the same encryption used when connecting to a secure website: HTTPS. All the major browsers are beginning to support DoH, but adoption is only beginning to take off. Unfortunately, this advancement can bring security issues if not handled with control. Admins derive considerable value in monitoring and filtering DNS requests. Having applications capable of making DNS requests independently defeats this value by circumventing the in-place protections. To correctly leverage the advantages of DoH, every DNS request on a must be passed via DoH, applications must be prevented from making rogue DNS requests, and filtering and logging must be maintained. Native DoH Support Webroot DNS Protection leverages the advantages of DoH by encrypting and managing the DNS requests for the entire system, and then securely relaying these requests via DoH to the Webroot resolvers. This way, admins retain control of DNS and are able to filter and log, while the user and business benefit from the additional privacy and security. Webroot DNS Protection service in the future Throughout the rest of 2020, we will continue to innovate and further take advantage of DoH. Look out for unique, first-time features and capabilities that will now be possible, which will help take DNS Protection from an easy-to-deploy- and-admin security solution, to an industry-leading and powerful security control point. What do I need to do? If you are already using DNS Protection, no action is required. The DNS Protection agent will default to communicating using DoH. To protect your entire network, all you need do is ensure your network’s local DNS server supports DoH, and make sure it uses the Webroot DNS server for resolution. If you are not yet using DNS Protection and want to test it for yourself, log in to your Webroot Business Console to start a free trial today.
ConnectWise Automate Update 18.104.22.168 - (June 10th 2020) New Features Global Client filter to enable vastly faster access to plugin pages by larger customers Added Location as a new column within the Computers page to help usability Added Active Threats value to Computers page Added the ability to turn on ARPNOREMOVE via plugin global settings for additional security Enhancements Removed Client & Location tabs and -Clone Unique Identifier option to reduce legacy technical debt Fixed SQL injection vulnerability as well small bugs Changed the API endpoints used with the computer data synch process to be more efficient Restricted Threat History to 3 months to reduce strain on DBs with large numbers of detections Latest plugin guide can be found here The normal distribution for this plugin is via the ConnectWise Solution Center, however, a full version can be downloaded here If issues arise with the new version, the previous full version 22.214.171.124 can be downloaded here Hop into the conversation here
Kaseya VSA on-prem plugin 2.6.20149.1 - (June 3, 2020) New Features Added Customer Support Diagnostics command button to gather endpoint diagnostic information for Webroot support. Added the ability to retain Kaseya machine admin defaults to navigate different parts of the VSA without having to search machine filters again, making the integration more seamless between other modules. Added extensive Alert Setting features with different Alerts and actions. Added “Webroot Uninstalled or Removed” alert. Enhancements Redesigned Unity API configuration screen to simplify API sign-on process and improve security. Added self-healing process to try and fix stalled actions. Added enhanced error logging. Temporarily removed the Webroot Console SSO feature until it is re-purposed and reintroduced. Bug Fixes Fixed Auto Deployment for machine with uninstall status. Fixed Agent procedure OS type check issue. Fixed Webroot Settings scope issue. Minor fixes and UI enhancements. Additional Information: The download link for the new plugin is here Kaseya Automation Exchange tile can be found here Latest documentation can be found here If customer wishes to roll back, previous release can be found here Hop into the conversation here
Overview To better serve our customers who use Microsoft Azure Active Directory (AD), our latest release of Webroot Security Awareness Training includes an Azure AD integration for user training management. The Azure AD integration keeps Security Awareness Training target users in sync with the AD tenant, so admins no longer need to upload CSV or LDIF files, nor manually enter users into the Security Awareness Training console. The enhancement will help automate both the initial import of target users, as well as adding/removing new and existing users as they join or leave the organization. From the Microsoft Azure portal, admins can also choose to sync all target users or only specified AD groups that require training. We continue to add new courses and phishing templates on a monthly cadence to help keep training relevant and engaging. Since December, we’ve added 25 new and updated courses and 8 new phishing templates. Highlights of this release include: New – Microsoft Azure Active Directory integration New – Courses, phishing lures and templates Microsoft Azure AD Integration This product bulletin offers a brief overview of the Webroot Security Awareness Training integration for Microsoft Azure Active Directory. For more in-depth instructions on using this new feature, view the Security Awareness Training Admin Guide. To set up the new feature, open the Webroot management console. Go to Settings > Security Awareness Training and click the new Configure Azure AD Integration button in the bottom left. From here, you can set up secret tokens and the other settings required to use Azure AD. Under Settings > Security Awareness Training, you will now see a Configure Azure AD Integration button New Courses and Templates Since December, we have added the following new courses and templates. We plan to continue releasing new content each month in 2020. A small sample of the new courses available in WSAT For a full list of new courses available in WSAT, please review the attached PDF below.
OverviewStarting at the end of April 2020, we will release enhancements to the Webroot Business Endpoint Protection agent architecture which will lay the groundwork for future releases. Updates will be transparent to your end users and will roll out to all Business Endpoint Protection customers over the coming weeks. We will keep you informed about other updates as they become available.Why are we making changes? Device operating systems continue to evolve and it’s imperative to keep pace with these changes. These architecture improvements will enable Webroot to add features and make future product changes more quickly and efficiently. What should you and your users expect?Your users will not see any changes in terms of functionality, performance, or features.New files will be added in these locations:C:\ProgramData\WRCore\CoreService C:\ProgramData\WRCore\SkyClient\DB C:\Program Files\Webroot\Components C:\Program Files\Webroot\Core C:\Windows\System32\drivers (WRCore.x64.sys)And two new processes will run:WRCoreService.x64.exe WRSkyClient.x64.exeWhat if you encounter any issues you believe are related to this update?Step 1: Collect logs from the affected system.To gather logs:On the system experiencing the issue, download the Webroot log-gathering utility (wsalogs) at: download.webroot.com/wsalogs.exe Save the .exe file to the desktop or preferred download folder. Locate the wsalogs.exe file and double-click to run it. When prompted to enter your email, enter the email address you use to submit tickets to Webroot Support. Click the “Go!” button to begin the log gathering process.Step 2: Uninstall and reinstall Webroot protection to see if the issue persists.Uninstall the Webroot agent. Reboot the system. Re-install the Webroot agent.Step 3: If the issue is resolved after uninstalling/reinstalling, then no further steps are necessary.If the issue persists, please open a ticket with Webroot Support and mention that you gathered wsalogs, Support will provide instructions on how to submit them.
The COVID-19 pandemic has elevated the atmosphere of fear and uncertainty that malicious actors thrive on, making Security Awareness Training even more important now. Here’s how we tuned the WSAT April release to help you deliver value to your users right away: Three COVID-related phishing templates We’re seeing an above-average 12% clickthrough rate on these, emphasizing how important it is to warn your users about these scams. Social Engineering training course You’ll want to make this your topical training for the month, and part of your core security training going forward. Zeppelin Ransomware Security Briefing This is the first in a series of a new training format. Webroot Security Briefings are 2-minute videos designed to quickly inform users to notable trends and issues identified by the Webroot Threat Intel team. This quick, entertaining format does not feature any knowledge verification, so it’s a good way to add some variety to your Security Awareness campaigns. In addition, highlights of this month’s release include improvements to course descriptions and thumbnails in the Library viewer, consolidating the popular Understanding Phishing Micro course into two more focused versions, and removal of broken or obsolete phishing templates. Here are the details: Type Category Title Seat time Description Phishing Template Notification COVID CDC Spoof n/a Plain text; Updated list of cases in your city Phishing Template Notification COVID Company Policy n/a Plain text; Communicable disease management policy Phishing Template Notification COVID Company Survey n/a Plain text; Company seminar and survey registration Phishing Template Notification SunTrust online banking unusual activity n/a Plain text; Notice of unusual bank activity Training Course Security Social Engineering 15 The course is an overview of social engineering techniques. It’s designed to help you understand where threats to your data are coming from, and how you can protect yourself. It forms part of the cybersecurity collection, and can be taken either as a standalone course or as part of the collection as a whole. Training Course Security Webroot Security Briefing: Zeppelin Ransomware 2 In this Webroot Security Briefing, you will learn about the Zeppelin ransomware threat. You will learn where it operates, who it targets, and what you can do to defend yourself against this emerging threat. Training Course Business Skills Customer Service Success 10 We all love to receive great customer service. As consumers it makes us feel good. So much so, consumers now rate customer service as the most important factor when deciding to do business with a company. So it’s really important to understand and avoid certain behaviours that make our customers angry. This course can help you to improve your Customer Service. Training Course Business Skills Equality and Diversity in the Workplace 10 The best companies know that an inclusive environment inspires creativity and innovation. Different kinds of people, from different kinds of places, with diverse backgrounds all working together. In a work environment that honours individuality, human dignity and equality – people want to be themselves, and are empowered to do the best work of their lives. Training Course Compliance Harassment and Bullying at Work 10 Everybody should be treated with dignity and respect at work. Bullying and harassment of any kind should not be tolerated in the workplace. Its effects can be very harmful both to organisations and individuals. Training Course IT Skills Office 2016 Basic 50 Office 2016. Everyone uses Office, and 2016 is pretty close to the year it is now (assuming you’re not reading this, like, 1,000 years in the future). So why not learn the basics, if you’ve not already? If your organisation has recently updated its Office software, it might explain why you you’re here. You want to learn about Office 2016, which is fine – There are a few key differences between this and previous versions of Office. On the other hand, you might not have used any Office products before, which is also fine. Either way, this course will help you get the hang of things by giving you an overview of what’s on offer. Training Course IT Skills Office365 Basic 110 A lot of our course titles have the year of the software after them, but don’t worry: this isn’t a program from 365 AD. This is year to help you to master the Microsoft Office 365 suite. Hence the name. Microsoft Office is ubiquitous. Virtually every business uses or has used it at some point. Therefore, it’s good to know about. This course’ll help you get to grips with the software, whether you’re a neophyte or you’ve used Office before. There’s so much to the suite, there’s bound to be something in here you can learn. Check it out. Training Course IT Skills Sharepoint Overview 10 Microsoft SharePoint is like peanut butter and jelly; it combines all the things you love and need in one place. It allows you to share common resources and applications, which allows your team to collaborate across your organization. Now all your projects will be better than ever before. You're welcome!
Webroot now does a gradual rollout method for releases. As such, not everyone will receive the update at the same time. Mac Version 126.96.36.199 (Released April 7th, 2020) Improved Improved installation experience Fixed Fixed scanning related issues Fixed some upgrade problems Multiple other minor bug fixes
Webroot now does a gradual rollout method for releases. As such, not everyone will receive the update at the same time. Agent changes in PC build 188.8.131.52 (Release on April 6th, 2020) Added Enhancements to facilitate additional threat detections Added April 29th 2020 Agent architecture changes - New files are added in these locations: C:\ProgramData\WRCore\CoreService C:\ProgramData\WRCore\SkyClient\DB C:\Program Files\Webroot\Components C:\Program Files\Webroot\Core C:\Windows\System32\drivers (WRCore.x64.sys - Two new processes run: WRCoreService.x64.exe WRSkyClient.x64.exe Note: 32 bit systems have their own 32 bit versions of these files Fixed “Aw, Snap” crash with 32 bit Chrome Issue with restore from quarantine
Dear Webroot Community, With the release of the 184.108.40.206 Business Endpoint Protection agent for Windows, this agent and all future agents will only be signed with a SHA-256 digital signature since the use of the SHA-1 certificate has ended industry-wide. At this time, we will continue to support Webroot business endpoint agent issues on XP and Server 2003 systems. However, please be aware that in the future we may encounter issues that cannot be resolved given the technical legacy status of these operating systems. In those circumstances, Webroot may not be able to make certain agent updates available to XP and Server 2003 systems. Agent updates will be less frequent and/or eventually stopped. For now, we understand that XP and Server 2003 systems still play a vital role in some legacy systems, and we will work to the best of our ability to provide the anti-malware protection these systems need.For more information, please view our knowledge base article. Sincerely, The Webroot Team
Overview This release of Webroot Security Awareness Training includes new courses, new course library groupings, and a quicker way to clone campaigns, either for re-use or to extend an existing campaign. It also includes additional bug fixes, such as a new and updated LDIF parser to ensure better LDAP integration. The highlights of this release include: » New Courses and Content Library Groupings – In addition to new courses, we have introduced a new view of the content library organized into more logical categories to make it easier for admins to offer users relevant courses. » Auto-Select Lure Templates – When creating a new campaign, picking a phishing email template will now automatically select the matching lure page template. » Clone Campaign and Resend – From the campaign management table, an administrator can now create a direct clone of an existing campaign from the Actions menu on the right of the interface. » New phishing templates available – See product bulletin for complete list. For more detailed information about the release, read the full product bulletin, attached below.
Webroot now does a gradual rollout method for releases. As such, not everyone will receive the update at the same time. PC Agent changes in 220.127.116.11 (Released January 21st, 2020) Fixed Yellow icon fix - Resolves an issue where Microsoft incorrectly detects internet availability Miscellaneous fixes Improved Improved VPN support Agent update tracking Performance and efficiency improvement
Webroot now does a gradual rollout method for releases. As such, not everyone will receive the update at the same time. Agent changes in PC build 18.104.22.168 Added Features released in the previous build 22.214.171.124 Fixed Issues with network connectivity to devices like Canon printers and online games
Need more information? Please read our KB here. Mac Agent Update Version 126.96.36.199 Added Added support for macOS Catalina. Please note that Full Disk Access (FDA) must be enabled for our application to function properly. Known Issues Web Threat Shield is no longer automatically installed. We are working on a solution to enable you to download directly from the browser extension gallery. The right-click context menu has been removed on Catalina. When launching WSA on macOS Catalina, the UI may not open automatically. Please open the UI from the system tray icon.
OverviewBuilding on our previous Security Awareness Training release, this new update makes it easier to create and distribute an informative executive-level campaign training report. In addition, we are adding two new courses on breach awareness, with more to come.Highlights of this release include:New Executive Campaign Summary Reports New Breach Awareness Training SeriesFor more detailed information about the release, read the full product bulletin below.
OVERVIEW This release includes a revised version of the most used Agent Commands and Scan History and Threat Reports now being available in both the Business and MSP Management consoles, The highlights of the release are: Improved – Agent Commands New – Threat Reports New – Scan History New – Dark Web Breach Report New – Training Navigation Enhancements 1. Threat Report New URL reports have been added to the On Demand section of the Reports page. These new reports are: All Threats Seen All Undetermined Software Seen Devices with Threats Seen on Last Devices with Undetermined Software on Last Scan To run any of these reports, select one from the dropdown list and then choose to run it against the site of your choice or All Sites. Once you have chosen your date range, simply click Submit to generate the report. The data from that report will be displayed on screen and from here you can choose to drill down further into the data produced by clicking on a chart or file information. To download a copy of the data displayed, you can click on the Export to CSV button and a copy of the report data will sent to your account email address. 2. Scan History A new tab will be been added to the Devices page when you select a Device to view from the groups page. When clicked this will display a list of every scan that has taken place for that particular device including any threats that have been found during the Scan. You can then drill down to get detailed information regarding each threat and choose to either run a Clean up Command, Restore that file from Quarantine or add a Whitelist Override. By clicking on each Filename, you can then see a detailed view of the infection encountered. 3. Dark Web Breach Report The new Dark Web Breach Report and risk assessment tool now allows Security Awareness Training admins to quickly generate a report to outline any breaches associated with any client’s domain, organized by user and breach. The report includes a breach summary, a list of breached data by category, as well as the users impacted at each client site. The report provides ideal documentation to help admins determine and demonstrate real-world risks, so they can advise clients’ executive management on services and tactics accordingly to avoid future security incidents. 4. Training Navigation Enhancements We’ve made two new navigation enhancements: First, we added a shortcut that launches the Security Awareness Training console from the global training dashboard to make it easier and quicker to move between dashboards. Second, we added a new site selector to the console to make it simpler to navigate between sites. This update also better aligns the Security Awareness Training console with our overall goal of streamlined management across client sites.
Already have an account? Login
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.
Sorry, we're still checking this file's contents to make sure it's safe to download. Please try again in a few minutes.OK
Sorry, our virus scanner detected that this file isn't safe to download.OK