What's new in
Symantec Endpoint Security

Symantec Endpoint Security
is updated with new features and fixes on a monthly basis.
April 2021
Feature Area
What's New
ICDm Home page changes
Dashboard views are consolidated and available on a single page for easy viewing. The fully customizable
page replaces the existing product, feature, and custom dashboards
Existing custom dashboards are migrated to the new design. Some widgets are no longer available.
  • The
    tab is removed.
  • Widgets now appear on the
    page and are categorized by security area rather than product feature.  You can select from several out-of-the-box default views for these categories.
    • Default
    • IT Operations
    • Attack Surface Reduction
      (Symantec Endpoint Security Complete only)
    • Threat Protection
    • Threat Analytics
    • Security Operations
      (Symantec Endpoint Security Complete only)
  • You can also create a custom view from the
    page and set it as the default.
  • KPI bars are now shown as widgets. Some journey line or quick setup content is available on the
    Quick Setup
    tab in the left navigation panel.
  • Some widgets were retired and no longer appear on default or custom views. These include Learn More or Quick Links widgets.
  • SEP 14 widgets were also removed and are no longer available:
    • Cumulative Actions Taken and Unresolved
    • Top 5 Suspicious Detections by Prevalence
    • Suspicious Detections by Risk
    • SEP 14.2 Key Performance Indicators
  • Application Isolation KPIs are no longer available, and the following Application Isolation widgets were removed:
    • Top 5 Devices without Isolation Protection
    • Top End User Feedback
    • Isolation Coverage for Vulnerable Apps
    • Isolation Coverage for Suspicious Detections
    • Top Apps Showing Isolation Violations
  • Any existing custom dashboard that includes only retired widgets is removed.
ICDm - Licensing and Subscriptions
Target Limits
option allocates a fixed number of seats in a particular domain to help track any overages.
ICDm - Discovered Items
Discovered Items > Applications
tab now appears for all customers.
System policy
A new option in the System Policy is available to submit suspicious files pseudonymously to Symantec to enhance threat protection intelligence.
General settings for System policy
Added the following enhancements:
  • The Incidents event grid now links all actors within the same attack with an identifier, the correlation_uid. The attack chain includes Process Launches and Process Injections and will eventually handle Proxied Execution such as a process making WMI calls.
  • You can now get lineage incidents by the incident ID.
  • Range-query support is now available when searching by Priority_ID.
  • Public facing documentation for the Incident API has also been updated.
Breach Assessment
You can now directly download and use the Breach Assessment tool to generate reports on any Active Directory (AD) misconfigurations or vulnerabilities that exist in your AD environment.
The tool uses the capability of Threat Defense for Active Directory and provides a comprehensive report of the assessment findings.
Application Control
Application Control rules now support application versions.