New in 2023.11: Threat hunting gets quicker and easier

  • November 6, 2023

This month’s update introduces the ability to run threat hunting queries, making it easy to speedily identify anomalies and potential threats on any Emsisoft-protected device – and speed is critical. The sooner you can identify and remediate a potential threat, the less time it will have to escalate into an actual incident.

The functionality is based on Osquery, an open source platform which exposes operating systems as databases against which SQL queries can be run. A number of pre-defined queries are included, but additional user-defined queries can be created and saved, creating a high level of flexibility. Queries can be run on-demand or scheduled, and can be configured to show either complete data or only changes since the query was last run. For example, you could run a query to check for changes to the Windows Startup folder. This would help you identify and investigate the presence of legitimate applications that threat actors deploy in ‘living off the land’ attacks.
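The Startup-folder check mentioned above could be written as the following osquery SQL. This is an added example, not one of Emsisoft's pre-defined queries; it uses the standard osquery tables `file`, `hash` and `authenticode`, and the `C:` drive letter and default profile locations are assumptions.

```sql
-- Added example: inventory of everything placed in the Windows Startup folders.
-- Assumes Windows is installed on C: and user profiles live under C:\Users.
SELECT
  f.path,
  f.filename,
  f.size,
  datetime(f.mtime, 'unixepoch') AS modified_utc,  -- last write time, UTC
  datetime(f.btime, 'unixepoch') AS created_utc,   -- creation time, UTC
  h.sha256,                                        -- hash to look up or allow-list
  a.result       AS signature_status,              -- Authenticode verdict
  a.subject_name AS signer                         -- who signed the binary, if anyone
FROM file AS f
-- LEFT JOIN keeps the row even when the file cannot be hashed or is not a PE file
-- (for example a .lnk shortcut or a script), so nothing is silently dropped.
LEFT JOIN hash         AS h ON h.path = f.path
LEFT JOIN authenticode AS a ON a.path = f.path
WHERE (
        -- per-user Startup folder; the single % matches one profile name
        f.path LIKE 'C:\Users\%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\%'
        -- all-users Startup folder
     OR f.path LIKE 'C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\%'
      )
  AND f.type = 'regular'            -- files only, skip sub-directories
  AND f.filename != 'desktop.ini'   -- present by default, not a startup item
ORDER BY f.mtime DESC;              -- most recently written entries first
```

In osquery's differential mode a new or replaced file appears as an added row, because a changed hash or timestamp makes the row differ from the previous run; it is assumed here that the product's changes-only option behaves the same way. Entries that are unsigned, or signed by a legitimate vendor but unexpected on that device, are the ones to investigate first.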

Note that queries are a feature of our EDR, which is a component of Emsisoft Enterprise Security. If you’re currently using Emsisoft Business Security and would like to ask about switching, please get in touch with us.

This month’s update also includes multiple behind-the-scenes improvements designed to ensure that our products continue to deliver the best possible protection, the best possible performance, and the best possible user experience.

All enhancements and improvements in a nutshell

Device protection (desktop)

Management console (web app)

How to obtain the new version

So long as you have auto-updates enabled, you will receive the latest version automatically during your regularly scheduled updates.

Note to Enterprise users: If you have chosen to receive “Delayed” updates, client systems will receive the new version no earlier than 30 days after the regular “Stable” availability.

Emsi

Emsisoft founder and managing director. In 1998 when I was 16, a so-called 'friend' sent me a file via ICQ that unexpectedly opened my CD-ROM drive, which gave me a big scare. It marked the start of my journey to fight trojans and other malware.