Prioritization of incident analysis

Prioritization of incident analysis (origin, impact, etc.) in the detection of malware or PUP through the Risk indicator.

• The risk is high when the malware or PUP was run before it was detected and has accessed files and/or established Internet connection.
• The risk is medium when the malware or PUP was run before it was detected but didn’t access any file and didn’t establish any Internet connection.
• The risk is low when the malware or PUP was not executed before being detected.

Improve your ability to take preventive and remedial measures on your network computers

If a computer becomes infected after copying a malicious file from another computer on the network, the console and the email alerts will display the name and IP address of the source computer, as well as the user used to access the targeted machine.

This will allow you to identify the computers that are trying to perform malicious actions on other computers, and take preventive and remedial actions to prevent new attacks and clean those systems that are being used to attack other computers.

Compatibility with Server Core servers

Now, Adaptive Defense and Adaptive Defense 360 let you protect and monitor your Server Core servers.

From version 2.4 onward, you can safeguard your Server Core installations of Windows Server 2008, 2008 R2, 2012 and 2012 R2 against malicious infections.

Ability to configure local alerts in 'Hardening' mode.

Until now, if the administrator configured the network computers in 'Hardening' mode, there was no way they could prevent block alerts from being displayed locally on users' computers. This was only possible if the company's computers were configured in 'Lock' mode.

Ability to grant resellers and Panda Security access permissions to customers' consoles.

• In order to help resellers/service providers and Panda Security deliver the best service possible, customers can now allow them to access their console through the console settings.
• Customer consoles are configured by default to allow access from resellers, but not from Panda Security. Customers can change these settings at any time.

Automatically uninstalling other security products.

Up to now, administrators could choose whether they wanted to automatically uninstall any competitor security product installed across the network. These solutions where automatically uninstalled prior to installing Panda's solutions.

This behavior has been modified from version 2.3.1 so that administrators can choose to have competitor products removed at any time (even from those computers that have our products installed).

Exclusion history.

Version 2.3.1 includes a history of all items excluded across the IT network. This history details all the actions taken on excluded items, both manual actions taken by users (exclude item, remove exclusion, change the configuration of excluded items) and automatic actions (items reclassified as malware/PUPs/trusted applications, remove exclusion, etc.).

Every action displays the user that performed it as well as the date.

Additionally, clicking an item on the history screen will display the item details available in the Malware/PUP/Blocked item list, as appropriate.

Compatibility with Windows 10 Anniversary Update

The new version of Windows 10 (Anniversary Update), recently rolled out by Microsoft, causes errors installing the Adaptive Defense protection on computers with this operating system installed and under very specific circumstances (Secure Boot enabled, GPT partitions, etc.). To avoid these problems, we advise that you update to version 2.3.1.

*Version 2.3.1 does not update the protection on computers with an operating system other than Windows 10, therefore, the protection version will continue to be 7.61.00.0010. Computers with Windows 10 will be automatically updated to version 7.62, provided the automatic updates option is enabled for the relevant profile. This update is seamless for users and will only take place on computer restart

New email alerts

As soon as a new threat is detected, an item is blocked, or an item that was excluded from scans is classified, an alert will be sent to you from the cloud.

More information about malware detections

A column has been added showing the action taken on the detected malware.

Improved detection capabilities

We have continued to improve the efficiency and capabilities of our detection systems.

• Among other things, this version adds the ability to detect compressed CryptoLocker-type threats as well as other new techniques used by malware.
• Additionally, we have improved the detection engine to reduce the number of items that need to be blocked in “Lock” mode.

Improved documentation and help files

Both the Adaptive Defense help file and Advanced Administration Guide have been reviewed and improved for this version.

Bug fixes

This version includes fixes for bugs detected in previous versions:

• Slowdown problems under specific circumstances.
• Unexpected blocking of third-party applications that use the user's TEMP directory to work.
• Bug that caused computers to be sporadically moved to the Unprotected tab.
• Temporary loss of detection power on Exchange servers.
• Fixed management of excluded device lists in the Device Control feature.
• Minor bug fixes.

Easier identification of blocked items

To help administrators identify currently blocked applications more quickly, the Items under investigation panel on the home page has been replaced with Currently blocked items being classified.

Temporarily excluded items

If necessary, and after evaluating the information available about an item, administrators can exclude it temporarily, allowing it to run.

Excluding a currently blocked item that is being classified is not recommended. However, under certain circumstances, it may give administrators greater control over the company's security and operation.