New Collector groups are not automatically assigned to the default AV signature policy or Collector settings policy when no other AV signature policy or Collector settings policy exists.

Disable the Workloads feature by default.

UI issue where some tables are slightly cut off at the bottom.

Secure browser URL reputation data can display an empty category.

Secure browser events do not display due to an underlying communication issue.

A specific consolidation failed in lab.

Hide the build number in the footer tooltip for non-support users.

Threat Hunting query that contains "NOT" does not filter correctly.

Parsing failure of Taxii feed.

No audit log for in disabling SAML authentication.

Adding a process to Exclusion Policy via Incident View results in blank screen.

Exception creation fails due to an empty value.

Failure in retrieving reports from a disconnected Collector.

list-exceptions Rest API function does not display selected Collector groups.

Users with a Read-Only role cannot export data from the Inventory page.

Hardening related to key injection as a variable.

Issue with dashboard queries of "Top Affected Devices".

Incident Report fails to display the full event process path.

Incident report generation gets stuck at 5%.

count-events REST API function returns inaccurate results when filtering by IP address.

Classification response actions are displayed in the wrong chronological order in Incident View.

"Collectors By Policy" widget export does not match the widget display.

Syslog becomes unresponsive due to a status update failure, causing log transmission to stop unexpectedly.

Exception is created on the wrong security event.

Widgets cannot be selected on the Dashboard page.

Adding an incident comment is logged with a default user information.

Sorting by total number does not correctly order the values in Incident View.

Wrong file or process name is displayed while the correct file has been remediated.

Applying the “Malicious” classification filter prevents associated raw events from being displayed.

Applying a filter prevents exporting the Collectors report in the Inventory.

Incidents sometimes appear as unclickable duplicates when you scroll or hover in the UI.

Certain events are partially saved during consolidation.

Editing an exception incorrectly displays an event as "deleted".

Potential error in consolidation flow.

Multiple entities are marked as erased but are not actually cleaned from the database.

When creating an exception via handling an event, selecting an IP from the destination list incorrectly selects all IPs.

Deleting an organization or changing license capacity does not save the changes or causes the environment to hang.

Raw Data Items cannot be retrieved from Event ID using Rest API.

Deleting an event while using a filter results in deletion of multiple events within the same aggregation.

Updating the license blocks Collector registrations.

Changing an exception’s destination from "Specific" to "All Destinations" incorrectly triggers a “cannot select both” error.

Performance issue with event processing.

Security Policy Search fails due to an internal error.

Error when creating an exception on a specific event.

SMTP is active only on Hoster.

Issue with exporting unmanaged devices list.

Click "Add Connector" and the dropdown shows most connector options grayed out.

LDAP error when choosing SSL or TLS.

When syslog field values are too long, the first max characters will be displayed.

No audit log when a user modifies their own user advanced settings.