New in 2024.4: Search raw event data for better insights

This month’s update introduces the ability to search raw EDR log data. In the past, you could only search detection-related data using osquery. Now, you’ll be able to search all EDR data, including historical data stored in Emsisoft’s cloud.

You can use custom views in the Threat Hunting panel to search for specific process starts, registry changes, and more, making it easier than ever to pinpoint when and why a particular event occurred and to contextualize other data. You could, for example, trace the execution history of a particular file across all devices in your Workspace in order to work out any potential impact.

In addition, we’ve altered the way EDR data is processed at the device-level in order to minimize the performance impact on endpoints.

As usual, the update also includes multiple small fixes and improvements to ensure that our products continue to provide you with the best possible protection and the best possible experience.

All enhancements and improvements in a nutshell

Device protection (desktop)

• EDR disk cache optimized
• Multiple minor enhancements and fixes

Management console (web app)

• Raw log data search functionality
• Multiple minor enhancements and fixes

How to obtain the new version

So long as you have auto-updates enabled, you will receive the latest version automatically during your regularly scheduled updates.

Note to Enterprise users: If you have chosen to receive “Delayed” updates, client systems will receive the new version no earlier than 30 days after the regular “Stable” availability.