EDR Version 10522

NOTE Datto EDR leverages a staggered release process. You'll receive an in-product notification when these updates are available to your instance.

Version information

Endpoint Security Agent	Ransomware Agent	Rollback Agent	API
3.16	1.3.0	1.2.2	5.0.0

New Features

Datto AV for macOS

Protect your macOS endpoints with Datto AV! Deployment and management are as seamless as they are with Windows. Simply configure and assign a Datto AV policy, and it will automatically deploy to any macOS endpoints within the assigned locations. Learn more in the article Datto AV for Mac

DNS Secure

Introducing DNS Secure, a new security layer built into your Datto AV policy to block user access to malicious websites. Safeguard users from phishing, spam, malware, and other harmful web domains. See the article Configuring Datto DNS Secure.

Real-time Protection Monitoring options

Users can now manage more of their EDR agent settings in their EDR policies. These settings, such as Memory scanning, can help balance security and resource availability.

For more information, see the Datto EDR policy section in the article Working with the Policies page.

Tamper Protection in EDR Security Policies

Tamper Protection is now integrated into EDR policy configurations. It restricts service options and ensures the EDR service remains operational.

Learn more about tamper protection in the article Understanding EDR and AV tamper protection and refer to the Datto EDR policy section in the article Working with the Policies page.

Submit Datto AV false positive files

Datto AV users now can submit known safe files as false positives by selecting Policies > Datto AV File Submission.

Here you can create a new submission.

This is a great feature to use for proprietary software. Just submit your files prior to release and those new hashes will be marked as safe.

See the article Datto AV File Submission

EDR alerts in VSAX

For VSAX integrations, EDR alerts can now be received in VSAX. Go to your VSAX integration in the EDR portal and on the Settings tab, enable the desired alerts.

For more information, see the Send EDR alerts to VSA 10 section in the article Configuring the VSA 10 integration.

Enhancements

Create a Universal AV Exclusion within a Datto AV alert

When creating an AV exclusion via the Create Exclusion button within a Datto AV alert, you can now add the exclusion directly to the Universal AV Exclusion table. You still having the option to add the exclusion to your current Datto AV policy as well.

EDR uninstall log

In the event the EDR agent is uninstalled locally, we now create a final log and send it to your EDR portal. This way you can audit uninstalled agents and identify the process and account used to perform the uninstall.

Select pages to include in the Executive Threat Report

To prepare for additional reporting enhancements, we have updated the Executive Threat Report. You can now select the pages to be included in the report from the library of available report pages. By having a library, we can continue to create new pages. You can select the pages to be included when creating a new report or editing an existing report.

Bug fixes

Some users have seen their Datto AV or Defender alerts listed as type DNS. This issue has been resolved.
When creating exclusions in a Windows Defender policy, the cursor would not move to a new line when pressing Enter. This has been resolved.

Artifacts

agent.macos-amd64.db3f40a939b72ff145a26801b96ed29df7df3003b091972d70263f1d0c20d757.bin.gz
agent.macos-arm64.e3d385da3cac64384355dbc49e9d09035dc101b36c268caf74e376b67c778ede.bin.gz
agent.linux-amd64.1d65baea07e84e925c5138d06e775019bfe344b03ebbbbc582c874138098ae1d.bin.gz
agent.linux-arm64.e3d86b30543aa54f417b97e8299de54e28a5a121fd953511e68706c75b3589c7.bin.gz
agent.linux-x86.90b4a3ec3a633abf8ae2ea0ab532397170836ecc2a265e3f44eac4ae674bd61e.bin.gz
agent.windows-amd64.ba39b0e46aea9d719886f724473c2a586ed7b736b1c89195e61501fb4d0191de.exe.gz
agent.windows-x86.1754a067df68d17814eec16e548226c9ee2ef6f2039a4e09457bf082163c46bb.exe.gz
integrator.windows64.26ddd43e8fac5bd0308ea6d17b967e44b84aa393937170d8bbfd7d121585a757.exe.gz

	Need troubleshooting help? Open the Kaseya Helpdesk.
	Want to talk about it? Head on over to the Community!
	Have an idea for a new feature? Want to learn about upcoming enhancements? Visit the Ideas forum!
	Provide feedback for the Documentation team.