With Symantec EDR 4.11, Broadcom considerably extends the functionality of its on-premises EDR solution:
- Custom incident rules
- Linux and macOS support for Recorder Rules
- Content updates via LiveUpdate Administrator for SEDR appliances in air-gapped networks
- Support for multiple NTP servers for improved time synchronization and redundancy in case of failover
- Export and download of full dump data
- Allow List and Deny List usability enhancements – a delete all option and easy import via CSV to enable efficient cleanup
- Audit logging for Advanced Attack Technique (AAT) incident rule changes
- Email alerts for changes to the SEDR appliance’s health status
- File (8003) events include file scan disposition metadata for scanned files
- Dashboard improvements to highlight the most important information
- Support for an RSA certificate chained to a CA-provided root certificate, signed with elliptic curve cryptography (ECC)
- Faster backups