Watch this 5-min overview to learn how to make your first alert for Critical Configuration Changes today.
In Cove 26.2, Critical Configuration Changes is now generally available for all customers, allowing users to create event-based alerts for indicators of compromise in their backup policies. With real-time visibility into critical changes made to backup policies, users can take just-in-time action to resolve these changes before recovery efforts are impacted.
Other enhancements made include the migration of One-Time Restore to Azure to our new UI design system and improving the reliability of general Continuity functionality.
This release focuses on enhanced security compliance, improved performance, and key quality updates across the standalone Windows agent.
New Feature
Improved device name synchronization and updated installer naming for clearer and more consistent device identification.
Improvements
Strengthened security posture by transitioning the agent to use only FIPS‑compliant cryptographic algorithms, ensuring stricter adherence to modern security standards.
Updated component libraries to improve overall performance, stability, and long‑term compatibility.
We are pleased to announce that on Tuesday February 24, Adlumin will release a new set of detection rules for Fortinet. This update expands your visibility into threats in Fortinet-protected environments by analyzing the Fortinet syslog data you already send to Adlumin. In practical terms, these new detections help identify a wider range of malicious activities including, wireless network attacks, misused or high-risk applications, and unusual data exfiltration attempts using the Fortinet log information currently forwarding to our platform.
This release introduces new end-user access capabilities, automated device lifecycle management, expanded APIs, and platform hardening across the Cloud environment.
New Features
Exclusive Direct Links for End-User Area
Exclusive direct links can now be generated for the End-User Area, simplifying controlled access and onboarding scenarios. When adding a new Device you can bind it to End Users, so it automatically relates with these users after installing TC on the Device.
Automatic Deletion of Inactive Devices
Administrators can now configure automatic deletion of inactive devices, including: – Configurable inactivity thresholds – Daily automated execution – Full audit log tracking
This settings in under a feature flag, so you need to request us to turn it on.
SentinelOne is deprecating Legacy Deep Visibility and S1QL 1.0 custom detection rules. This change impacts both API-based integrations and in-app workflows that still rely on legacy capabilities. You can continue using Deep Visibility Enhanced in the Management Console and Event Search in the Singularity Operations Center.
What’s changing and when
1) Legacy Deep Visibility Deprecation (API + App impact)
Deprecated:February 15, 2026
Stops working:February 15, 2027
If you use Legacy Deep Visibility APIs (or legacy UI features that depend on them), you must migrate before February 15, 2027 to avoid disruption.
Required actions (before February 15, 2027):
☐ Migrate integrations using Deep Visibility API → Long Running Query API
☐ Migrate integrations using Deep Visibility Filters API → Saved Searches API
To support the transition, you can use “Migrate Queries” in legacy Deep Visibility to move saved queries to Deep Visibility Enhanced and Event Search.
We’re excited to share an update to Linux Patch Management, along with a preview of what’s coming next as we continue to expand and mature our patching capabilities across platforms.
New: Completed Patches View (with Export Support)
We’ve introduced a Completed Patches view within Linux Patch Management, giving you clear visibility into patch activity that has already been successfully applied across your environment.
This new view allows you to:
See a consolidated list of completed Linux patches
Filter and review historical patch activity
Export patch data for reporting and auditing purposes
Initial export support is available for up to 10,000 rows, making it easier to share patch outcomes with stakeholders or retain records for compliance and operational review, larger exports will be available in future.
Coming Soon
We’re actively working on additional enhancements that will continue to improve visibility, control, and consistency across patch workflows. The following features are coming soon:
Pending / Scheduled Patches Tab A dedicated view to track patches that are queued or scheduled for deployment across all your assets making it easier to see what is happening at a glance.
Patch Policies Policy-based patching to help standardise patch behaviour and reduce manual effort across managed environments.
Mac Patching Native macOS patching support as part of our broader cross-platform patch management strategy.
Mac Patching Preview – Register Your Interest
We’re preparing an early preview of Mac Patching, and we’re inviting partners to take part.
If you’d like to register your interest in joining the Mac Patching preview, please email:
chris.dunsmore@n-able.com
Participants in the preview will help validate new macOS-specific functionality, including:
Volume Ownership support Ensuring patching workflows align with modern macOS security and ownership models.
End-user interactive reboot controls Giving users appropriate control and visibility during reboot-required patch scenarios.
Feedback from the preview group will play a key role in shaping the final Mac Patching experience before we release to public preview.
Posted inN-central, N-sight|Comments Off on Linux Patch Management Enhancements and Upcoming Mac Patching Preview
SentinelOne will be migrating customer environments to an updated cloud infrastructure in the coming weeks to further enhance platform stability and security.
Ahead of your scheduled maintenance, a banner notification will appear in your SentinelOne Management Console confirming your migration window.
Action required: Please add the new region‑specific management IP addresses to your firewall allowlist. Existing IPs do not need to be removed.
You can find the required IPs in your console documentation under: Offline Help for Management Console → Requirements → Networking Requirements → Management IP addresses by region
Posted inEDR, N-central, N-sight|Comments Off on SentinelOne Cloud Infrastructure Migration
A new encryption status column added to Assets View provides at-a-glance insight into asset security and compliance
This encryption data is also available for saved views and dynamic tag rules, making it actionable across automation and policy workflows.
Data protection and compliance –Endpoint encryption is often the line between a contained event and a reportable breach. Many compliance frameworks mandate encryption, so clear visibility into encryption status is essential.
Faster troubleshooting –Encryption state can directly impact boot behaviour, OS updates, BIOS changes, and hardware replacements. Having this information immediately available upfront prevents wasted investigation cycles.
Incident response –Answer questions like “Was this device encrypted?” immediately, without leaving the UEM platform.
Policy enforcement – Information that can support audits by reliably reporting asset encryption status
Quick assets view refresh
We have introduced a subtle Assets View refresh button to reach out and grab an up-to-date picture of your managed estate.
As operations scale, automated processes increasingly act on managed assets. To support this, asset data and header widgets can be refreshed independently, eliminating the need for full page reloads and pulling only the data required.
Future enhancements will introduce automatic refreshing of specific datapoints within the main Assets View data grid such as online/offline status.This reduces unnecessary refresh activity and keeps focus on the datapoints that directly impact investigations and platform performance.
This release addresses an issue identified following the 2.13.11 deployment where certain patches could appear incorrectly in the dashboard for some N-sight devices.
The issue affected patch visibility and manual interaction in the console but did not impact the underlying Patch Management Engine installation logic. Existing auto-approval rules continued to function as expected. This update restores normal patch visibility and interaction behavior.
Patch Management Engine (PME) version 2.13.11 is now generally available. This release focuses on improving patch applicability accuracy, supersedence handling, and Patch Status reliability, particularly for Windows 11 and newer Windows versions.
Improvements Included
Improved patch applicability detection for Windows 11: For Windows 11 (24H2 and later), PME no longer relies on legacy detectoid logic. Patch applicability is now determined using the device’s current build number, reducing false positives and improving accuracy in Patch Status reporting. This resolves cases where patches that were already installed could still appear as required on dashboards. (PMCM-11224)
Corrected supersedence handling between Feature Updates and Cumulative Updates: Prevents incorrect merging of supersedence data that could cause Feature Updates to affect Cumulative Update visibility or status. (PMCM-11181)
Improved handling of Windows Feature Update detection via Windows Update: Addresses cases where Windows Update may surface warnings when multiple Feature Update versions are detected, preventing unnecessary errors and reducing Patch Status noise. This resolves an issue where the error ‘[PME008] The license terms of one or more updates are unavailable’ could be raised on dashboards due to Windows Update detection behaviour. (PMCM-11009)
N-able considers various features and functionality prior to any final generally available release. As such, comments given in this forum are not (nor should they be interpreted to be) a commitment from N-able that it will deliver any specific feature or, if it delivers such feature, any time frame when that feature will be delivered. N-able is always trying to improve and enhance its products. All discussions herein are based upon product team current interests, and product team plans and priorities can change at any time.
You must be logged in to post a comment.