Our first question comes from @BrianB23 who asked,
“Will the new console use our renamed endpoints? For example, in the old console, we could rename endpoint computer names to something more descriptive. Those changes, however, were not visible in the new site dashboard. Hopefully we won’t lose those name changes with this upgrade?”
Is Webroot capable of detecting vulnerability to or compromise by the Hafnium Exchange exploits (i.e., ProxyLogon) and alerting those managing it to the potential threat?
For Hafium, no we don’t detect it and nor did pretty much anyone else except for MS…after the fact. This was such a mess by MS that even the FBI has been proactively patching exposed Exchange servers.
That said, WSAB with script shield enabled does protect against many of the tools we saw used in the early attacks that exploited this vulnerability.
What's the threat landscape looking like for Q3 and Q4 of 2021?
The threat landscape for Q3/Q4 I think will show more supply chain attacks.
We’ve seen another major one post SolarWinds with CodeCov showing security software are in the crosshairs for these types of attacks.
Both attacks are likely nation backed and I think we’re entering a new era of the Code-Wars where we’ll start to see more significant escalations between nation states based on cyberattacks.
On the malware for the masses front (aka, not nation state), the botnet king of the past 5 years Emotet was taken down and there has been a lot of churn since.
I expect to see a new malware delivery as a service leader emerge, perhaps TrickBot which survived a takedown attempt last year.
Crypto prices continue to attract attention and we’ve seen an increase in malware that looks to steal wallets and/or attack the clipboard to replace addresses when payments are made.
As society continues to warm to crypto, we’ll continue to see malware try to take advantage.
And of course, ransomware will continue to be a terror.
Data extortion was new in 2020 and in 2021 we’ll continue to see this, but it will become more of the norm.
Ransom demands have increased YoY and were over 200k in 2020. Expect this to grow further in 2021.
My thanks to Grayson Milbourne our Threat Director for providing the answers to these questions.
If computer no accessible and cannot uninstall software, can it be deactivated and removed by system?
How will site level only users be impacted?
What could be the best policy to be applied to remote workers??
Our first question comes from @BrianB23 who asked,
“Will the new console use our renamed endpoints? For example, in the old console, we could rename endpoint computer names to something more descriptive. Those changes, however, were not visible in the new site dashboard. Hopefully we won’t lose those name changes with this upgrade?”
Hey Brian, the ability to add a friendly name for a device within the Webroot Management Console will not form part of this release, but it is included within our Roadmap for 2021. Regarding name changes made within the legacy Endpoint Console, these will still be available after the launch of the Webroot Management Console.
Will you offer a different pricing for DNS filtering on network devices?
DNS pricing for the network and IoT devices is challenging. Currently we derive a number of protected devices by taking the number of DNS requests seen in 30 days and divide by the average requests generated by a device (75,000). Although this is designed to be very favorable, it is complex.
To improve this, we are looking into alternate options that center around the requests and not an interpreted number of devices. More information to come as we explore this.
What new cyber security measures are in the pipeline for Webroot?
What could be the best policy to be applied to remote workers??
In regards to security posture and remote devices vs office devices, the current policy applied will be sufficient and there’s typically no need to build a separate policy for remote devices vs office devices. One key policy section to verify is Evasion Shield. We strongly advise it should enabled for a stronger security stance.
To enhance remote devices, additional layers of protection, like DNS Protection should be considered.
Will it be possible to delete deactivated sites from the dashboard?
How will site level only users be impacted?
Site only users will not be affected by the release of the New Webroot Management Console. They will continue to have access to all of the same great features and functions they enjoyed previously.
What are the benefits of Webroot DNS Protection if, for example, a client already has a firewall in place securing their LAN?
Are you planning on adding live chat support?
I know Webroot Endpoint is a good product. We love the light weight and good protection. I would love to see you in the tests.
I’m happy to let you know that we have recently undergone public testing with SE Labs as they follow AMTSO - Anti-Malware Testing Standards Organization procedures, which means we are able to be fairly tested. So for the period Oct-Dec 2020 we achieved AAA their highest status, and we expect a similar result for Jan-Mar 2021. These tests are comparative and as we increase testing in 2021 expect to see more test results. We are also planning a number of significant upgrades and innovations in 2021 with our endpoint protection.
The 2020 report is here: https://selabs.uk/reports/small-business-endpoint-protection-2020-q4/
Will the Webroot console upgrades be staggered or will everyone be updated at once?
Will it be possible to delete deactivated sites from the dashboard?
Yes! With the new console you can delete deactivated sites. You’ll be able to do this from the same page where you deactivate sites - the site summary page.
Are you planning on adding live chat support?
The support management team is investigating this option for future support option for live chat. There are a few challenges related to supporting this feature, but it is being strongly considered.
Are you going to give any serious love to the CW Automate plugin?
Are there any developments coming for the endpoint that will allow it to better tackle Ransomware style attacks?
Will the Webroot console upgrades be staggered or will everyone be updated at once?
I’m pleased to announce that all users/accounts will have access to the new Webroot Management Console from 27th April 2021
Do you think that you could have live courses for SAT?
If computer no accessible and cannot uninstall software, can it be deactivated and removed by system?
Devices can be deactivated via the console which sends an uninstall command to the agent. We are aware of instances where deactivated devices check back in and are actively investigating ways to improve the deactivation process.
Will a Vod be available for those who miss the live Q&A?
Yes! We have a few of the recordings up on the community now and we will be posting all of the questions and answers that we get to on the community as well so you won’t miss anything!
We’ve updated our post here with a few videos to our post below and we’ll post more soon.