This one of our most important releases to date. It is built around a simple idea: Peace of mind. Security teams should not have to work harder to stay protected.
With this release, we focused on giving administrators, MSPs, and channel partners clearer visibility, faster triage, and tools that remove unnecessary effort from everyday security work.
From a redesigned Action Board to unified ticketing across every data type, from more flexible endpoint controls to deeper cloud and email protections, this new update makes it easier to understand what is happening in your environment and respond with confidence.
What’s New and Why It Matters
A Redesigned Action Board That Highlights What You Need
The Action Board has been rebuilt to provide clarity and reduce friction. You will now see:
- A clean summary of open and automatically resolved tickets
- Protected users and devices at a glance
- Ticket trends for the last 30 days
- A new Workspace Health Score that flags where attention is needed
- Logical sections for Open Tickets, Setup Required, and All Caught Up
The result: You spend less time searching for information and more time acting on it.
An Improved Ticketing Experience
Tickets are now organized into four simple tabs: Overview, Full Details, Activity Log, and Comments. Language is clearer throughout, and Quick Fix is available in one click when supported.
The result: Faster triage, fewer repetitive tasks, and more consistency for teams that manage multiple environments.
SWG: More Control With Less Complexity
Shadow AI Category
A new filtering category helps organizations govern access to LLM-based tools such as ChatGPT, Gemini, and Grok.
The result: Stronger AI governance and policy alignment.
A Cleaner SWG Dashboard
A redesigned DNS Summary Report shows total and blocked queries, highlights top-level activity, and includes drill-down details and export options.
The result: Faster troubleshooting and clearer visibility.
Endpoint and EDR: More Flexibility and Fewer Roadblocks
Refined USB Lockdown
You can now allow specific USB devices by serial number while keeping the global block policy in place.
The result: Stronger security without unnecessary disruption to legitimate workflows.
Cloud App Security: Deeper Intelligence and More Automation
Cloud Security Policies
Admins can define detection rules and automate remediation for a wide range of cloud risks. These include mass data movement, suspicious admin behavior, identity compromise, location-based violations, bot-like activity, and more.
The result: Faster response and fewer manual interventions.
Email Security: Modern Protections for Modern Threats
Prompt Injection Detection
Coro 3.7 identifies prompt injection attempts hidden in email subjects or bodies. These attempts are designed to manipulate AI tools or automated systems.
The result: A new layer of protection against a rising attack vector.
End User Phishing Report
Users can see which emails were blocked and request releases or whitelist actions.
The result: Fewer false positives and more transparency.
Data Governance: Unified Tickets With Less Noise
Unified Ticketing Across Email, Endpoint, and Cloud
All sensitive data detections from a single email, endpoint scan, or cloud resource are consolidated into a single ticket.
The result: Fewer alerts, a clearer incident story, and faster response.
The Takeaway
This new update reduces noise, speeds up triage, and provides clearer visibility across every major security function. It is designed to make security easier to manage, whether you support a single workspace or a portfolio of customers.
