What's new in Symantec Endpoint Security
Symantec Endpoint Security
Symantec Endpoint Securityis updated with new features and fixes on a monthly basis.
Automatically uninstall existing third-party security softwareoption is again available in the
Advanced Options > Software removal settingsfor the Symantec Agent installation package.
The Behavioral Isolation policy is now supported on SEPM-managed 14.3 RU1 devices. If you target the policy to a SEPM-managed device that runs an older agent, the device ignores the policy.
Linux forensic support
You can now collect forensic data (processes, modules, users, groups, etc.) from Linux SEP devices.
Incidents information on Device details page
ustomers can get information about open and closed incidents that are associated with any device or endpoint. This information is available on the new Device details page
Incidentstab. If you select an individual incident, incident details appear on the flyout panel.
Module detection event type support - 8028
The Investigator now supports module detection type of events from the Windows agent.
Associated events support
Investigator now supports associated events. For instance, for the 8070 Compliance Scan event, the Events flyout panel provides a link to all associated 8071 events. In this case, the 8070 and 8071 events are linked by scan_uid field.
Investigator now has the capability to show the composite events for firewall events.
The new Investigator workspace provides enhanced capabilities:
The activity history page from Device Details is also updated with these enhancements.
A vulnerability remediation add-on is no longer available for purchase.