We want to inform you about the release of a new Heimdal™ RC version, 3.0.0, that will be live starting next Tuesday, May 17th, 2022. The Heimdal™ Release Candidate Agent will be available, for download, in the dashboard ( “Guide” section, “Download and install” tab), starting Thursday, May 19th, 2022, and deployed on a roll-out basis over the coming weeks.
Flagship Feature
It brings us immense satisfaction to inform you about the launch of this new Heimdal™ Release Candidate version. The 3.0.0 Heimdal™ Dashboard and Agent version is marking a pivotal milestone in our journey together and consolidates our company’s position at the forefront of innovation and reliability.
The 3rd generation of our award-winning product suite brings to fruition long-standing efforts we have made to further improve, to a game-changing level of stellar performance, stunning graphics, and fresh design and continuously raise the bar in terms of serviceability and user experience.
We hope you will be just as excited as we are to explore every novelty the New Agent v.3.0.0 is packing up!
Below you can find some snapshots of the enhanced interface of the new Heimdal™ Agent. We are certain that you will enjoy the new, crisp, modern, and spectacular graphics, combined with the ease of use and practicality that you were already familiar with:
Here are the other main features and improvements rolling in with the new 3.0.0 RC.
Heimdal™ Threat Prevention Network:
- API for Threat Prevention Network
We now offer, our TPN licensed customers, the option to view statistics for ‘Threat Prevention Network’ through our API. The API requests can be accessed at Guide -> Your HS API Key -> New API -> For Threat Prevention Network Statistics.
The pre-requisite for performing an API call is to enter the HS API key and then CustomerID.
Selecting the “Show Parameter Helper” will display a dropdown in which additional information regarding the specific parameters that are required to be entered for the selected API call is shown.
Heimdal™Patch & Asset Management:
- Software Asset Management view into Infinity Management submodule
The Software Asset Management view, which allows our dashboard users to easily and efficiently manage their software license-related info (Application Name, Publisher, Type, Quantity, Price, License Key, Expiration Date, etc.), was moved from the Patch and Asset Management -> 3rd Party Patch Management space, to the Patch and Asset Management -> Infinity Management submodule. In the Infinity Management submodule (Products > Patch & Asset Management) of the dashboard, a new tab has been added next to the existing Infinity Management tab, called Software Asset Management.
The functionalities offered by the SAM view remain the same, the purpose of this repositioning being improved and easier navigation and leading to a better User Experience.
Heimdal™ Endpoint Detection, Heimdal™ Privileges & App. Control:
- Ability to select notifications on "Auto – mode” approval and “via Dashboard” (manual) approval
This feature updates the way PAM elevation notifications work, depending on the elevation type (“Auto – mode” vs. “Approval via Dashboard”).
For accounts that are linked to a Corporate Customer, once “Privileged Access Management Alerts” (Accounts -> Accounts tab -> selection of a corporate customer account) is activated, a drop-down will appear, which allows the dashboard user to select what email notifications will be sent, based on the elevation type.
The following options are available:
- Both: user will receive all email notification alerts;
- Auto: user will only receive notifications regarding Automatic “Auto – mode” elevations;
- Manual: user will only receive notifications regarding elevations that were sent to the dashboard for approval “Approval via dashboard”
- Administrator mode based on Azure Active Directory membership
This feature adds the possibility to have an Azure Active Directory user (which belongs to a specific Azure AD group) log in to the Agent and elevate as that specific Azure AD user instead of the “logged-in” user, with privileged admin rights.
To enable this feature, we added a setting in the Endpoint Settings -> Windows GP -> Privileges & App Control -> Privileged Access Management, in the “Administrator Session” section, called “Azure Login”.
If on, below the corresponding check box, a text field will appear in which the Dashboard user will need to mention the Azure group name whose members will be allowed to log in and elevate as admins. If no Azure group name will be mentioned, all the users will be able to log in and elevate as administrators.
When this feature is enabled in the Group Policy, a “Sign In” button will show up in the Heimdal™ Agent, prompting the user to log in to their Azure AD account (as in the below screenshot).
After the user successfully logs into their Azure AD account, the “Sign In” button will switch to “Sign Out”.
From this point on, when the user hits the “Elevate” button, the elevated user will be the one displayed in the interface (“Elevating as”).
After clicking Sign Out, the “Elevate” button will return to its default functionality.
Heimdal™ Privileges & App. Control, Application Control:
- Enhanced visualization of the Application Control Rules and Download .csv
As part of our continuous efforts to improve the dashboard user experience, we have implemented improved pagination allowing the user to consult the Application Control Rules table in a more streamlined fashion (you can now select the number of items per page: 10, 50, 100; scroll through pages and/ or select the page number that you want to go to). We’ve also implemented a “Download .csv” option, allowing you to export in a .csv format the Application Control Rules table.
Other enhancements & fixes:
- Kernel driver mechanism implementation for Application Control and Zero-Trust Execution Protection
In order to improve the analysis and detection speed of the ran processes and thus, increase the cyber security level for our Customers (blocking the processes “real-time”/ until the corresponding rules are processed), our development team made great efforts and managed to successfully implement a mini-filter driver mechanism which is now made available in two very important Heimdal™ product sub-modules: Application Control and Zero - Trust Execution Protection.
This mechanism can be enabled upon request by our Support team (please contact them or your account manager to do so), as the functionality has restricted visibility and access.
- Operating System Updates, Windows OS, Microsoft Updates Compliance view enhancement
The Microsoft Updates Compliance view has been enhanced so that is considered when deeming a machine as being compliant or not (a compliant machine is an endpoint that has no pending updates before the selected date/ within the selected time frame), the “Installation by category” functionality found in the Endpoint Settings -> Windows GP -> Patch & Assets -> Operating System Updates and the selected category from the drop-down list.
If we select any of the categories while filtering in the Compliance view and we are looking for compliant endpoints, then the generated list will be comprised of the compliant machines within that specific category. For example, if we filter the Compliant view by the category “Service Packs” and a Specific date, then the list will be populated with all endpoints that don't have any Service Packs pending to install before that Specific date
- Enhanced Group Policies management – copy GP changes to other GP(s) improvement
We further improved the “Copy GP changes to other GP(s)” recently launched functionality by adding the option to allow the Dashboard user to select whether they want to apply the current changes only to active GPs or, as in the initial version of the feature, to both active and inactive GPs.
After conducting the desired changes and clicking on the “Update GP” button, a pop-up will appear, allowing the user to apply the changes either to the Current Group Policy, Specific Group Policies, or All Group Policies. In this pop-up window, we have added a new tick box, called “Apply only to active GPs”.
- Heimdal™ Remote Desktop – ability to search by username in the Agent
The Agent “Search” functionality found in the Remote Desktop module has been broadened to also accommodate searches based on username and not only hostname, as initially designed.
- Fix related to session and file elevations not working correctly on Windows server
We have implemented a fix that now ensures the correct functioning of either session (“Administrator Session”) or file (“Run as Administrator”) elevations for multiple users on Windows Server OS environments.
- Newly created Group Policies will have the lowest priority
A change to the newly created GPs priority mechanism has been implemented, in the sense that, the current mechanism, which automatically set a newly created GP to the highest priority was changed, so that, when a new GP is created it will automatically have the lowest priority possible, although it cannot be lower than the “Default” GP, meaning that the priority will be set equal to 2. Post hitting the “Create GP” button, the dashboard user will get the below pop–up notification:
- Geographical data storage area pop-up on the first dashboard login
Newly created Heimdal™ Dashboard accounts will be shown a pop–up window, post conducting the first successful dashboard login, which will mention the geographical area in which the customer’s data is stored on the cloud. This enhancement is meant to correct any set-up errors that could have happened when the IT Admin created the customer in the Admin section of the Heimdal™ Dashboard and selected the “Data storage region”.
- Fix related to the Preserved users being revoked local admin rights after machine reboot
We have implemented a fix to an issue found in our Privileged Access Management module, an issue encountered when the Endpoint Settings -> Windows GP -> Privileges & App Control -> Privileged Access Management, "Revoke existing local admin rights" option was enabled and which consisted in the “Preserved Users” (users being whitelisted and still having local admin rights) being removed from the Administrators group after a computer reboot. The problem has been sorted out and, now, everything works as expected.