Secure Endpoint 11.0 release notes

This topic describes the software updates included in Secure Endpoint 11.0. In addition to the specific changes detailed here, each release also includes broader system enhancements designed to strengthen security, optimize performance, and enhance overall stability.

To view the software updates that apply to the Secure Endpoint Agent, see the Secure Endpoint Agent release notes - Version 11.0.

Depending on the Absolute product licenses associated with your account, some of the following features, enhancements, and fixes may not be available to you.

The following features, enhancements, improvements, and fixes were introduced in Secure Endpoint 11.0.

Features and enhancements

You can now control the length of time users remain signed in to the Secure Endpoint Console during periods of inactivity using the Session timeout setting, allowing you to apply a consistent security policy across all users in your Absolute account. Learn more

You can now create user-defined reports based on data from Dashboard widgets that have a data source of Devices or Applications. Learn more

A new setting, Measurement system, is now available in your user profile.

To see distances in the console in feet and miles, set the setting to Imperial (ft, mi). To see distances in meters and kilometers, set it to Metric (m, km).

For existing users, the Measurement system setting is set to Metric by default. For new users, the setting is based on the time zone set in their web browser when they first log in to the console.

Note that in the current release, this setting only applies to:

  • The Geolocation Tracking > Accuracy report column
  • Distances between locations on a device's History page in Device Details

  • Distances between locations in email notifications for location-based rules

  • The radius of geofences

To update your Measurement system setting, edit your user profile.

The following event is now logged to the Events page in the History area:

  • Session timeout updated

This event is logged whenever the Session timeout setting is changed. If desired, you can create an Alert rule based on this new event.

Improvements and fixes

Feature/Area Details
Absolute APIs

  • Endpoints for the following features have been added to the EDD Configuration resource:

    • Custom EDD rules: four endpoints have been added that allow you to view, export, and import existing custom rules

    • Scan exclusions: six endpoints have been added that allow you to view and manage the files you want excluded from EDD scan results.

  • The following endpoint has been added to the Device Group Tree resource:

    • GET /configurations/devicegrouptree/nodes/{deviceGroupTreeUid}/get-devices: Get the list of devices in a device group or folder

  • To accommodate each device's time zone when using the POST /actions/requests/freeze endpoint, you can now schedule a Freeze request up to 24 hours prior to the current time. If the time has already passed in the device's time zone, the request is processed immediately.
Account settings

  • The Daily thresholds section no longer includes configurations for the actions that are not supported by the licenses associated with your account.
AI Assistant

  • The following enhancements have been made:

    • Improved handling of device-related time-range questions so AI Assistant more reliably interprets relative dates (for example, “last n days” or “n days ago”), supports additional time fields, and treats weeks as Monday to Sunday instead of Sunday to Saturday.

    • Improved AI Assistant’s application usage analytics so that average usage across multiple devices is now calculated more reliably.

    • Improved AI Assistant responses related to anti-malware protection status and geolocation data.

    • You can now change or undo your thumbs up/down rating on AI Assistant responses and submit feedback of up to 4,000 characters.

    • You can now resize the AI Assistant chat box.

  • The following issues have been fixed:

    • AI Assistant now understands the current date and year context, so answers to time-based questions are more relevant.

    • AI Assistant no longer includes devices in Vietnam when listing devices in ITAR countries, ensuring the ITAR country list is accurate.

    • In the Add to dashboard dropdown, you can now scroll both up and down so that all items, including those at the top of long lists, are visible and selectable.

    • AI Assistant now correctly answers the default question “How many unique devices are at risk and why are they at risk?” without returning a system error.

    • AI Assistant now correctly recognizes questions that use “platform type” as equivalent to “OS type”, returning consistent device data for both queries.

    • When users select English regional locales (for example, "English (Norway)") in their profile, the AI Assistant now consistently responds in English and correctly maps locales to the appropriate supported language variant.
Applications

  • The Policy Group, Policy Name, and Application filters in the Application Compliance report now accept typed text when you choose operators like contains, starts with, or ends with. This enhancement makes it easier to find report items using partial names.

  • Improved the performance of application compliance queries so the results load faster, especially for large data sets.

  • Fixed an issue in certain application-related pages and reports where custom (non-default) Application Compliance columns disappeared after applying a filter.
Application Resilience

  • Application Resilience policies now allow you to persist the following application versions:

    • Version 14.12.x or higher of Absolute Secure Access

    • Version 5.1.11.x or higher of Cisco Secure Client

    • Version 25.8.x or higher of Citrix Workspace

    • Version 6.2.5.x or higher of Qualys Cloud Agent

    • Version 25.10.x or higher of Syxsense Responder

    • Version 11.0.2.x or higher of Tenable Nessus Agent

  • Application Resilience policies for Microsoft Defender for Endpoint now support different ZIP file names for onboarding scripts, allowing you to upload separate packages for different policy groups without any naming conflicts.

  • Fixed an issue where Syxsense Responder could fail to reinstall if multiple versions were present on a device. The system now correctly detects and uses the latest installed version, preventing unnecessary reinstall attempts.
Chromebook support

  • Version 2.6.6.5 of the Absolute Extension for Chromebooks is now available. This version adds Chromebook support to the UK1 data center and adds an improvement that helps the Absolute Investigation team track stolen devices using key captures.
Custom Data

  • The limit of 1000 data points per account has been removed.
Dashboards

  • Dashboards now load widgets only when you open each dashboard, instead of pre-processing every dashboard during startup. This change improves initial dashboard loading performance, especially for environments with many dashboards and widgets.
Device groups

  • If you are assigned to two or more static permission groups, you can now use the (Add devices) action to move devices between these groups.

  • You can now remove devices from a static permission group that you're assigned to.
Device Usage

  • For devices running macOS 14.8.2 or higher, the SSID is no longer missing or redacted in Lock and Unlock events reported on each device's Usage page.
Hardware

  • If a device's detected memory size is empty or null, or the field is missing from the payload, memory information is no longer shown on the device's Hardware > Memory page.
History > Action Requests

  • Fixed an issue on the Action Requests page where the Unenroll action status could show as Succeeded in the pie chart but Completed in the device table. The status is now consistent and correctly displayed as Completed across both the chart and the table.
License Management

  • Previously, if some product licenses were expired, attempts to change the assignment order on the License Assignment Settings page may have failed. This issue is now fixed.

  • Fixed an issue where some licensed devices were showing as unlicensed in the Secure Endpoint Console.

  • Previously, in the license usage chart, the In use and Available portions of a bar may have been incorrectly positioned. This issue is now fixed.

  • Fixed an issue where repeatedly enabling and disabling license enforcement for an account could prevent License updated on device events from being logged in Event History.
Manage Supervisor Password

  • Previously, when using a bulk request to submit the Manage Supervisor Password action for multiple device, the request failed to be processed if the devices were all Supervisor Password version 2.x, but their minor versions were different. This issue is now fixed.
Messages

  • You can now edit the label on the Submit button in an End User Message template. The label is limited to 14 characters (no spaces).
Playbooks (Absolute Rehydrate)

  • After a user-initiated Run playbook request is processed on a device, a new passcode is now automatically generated in preparation for the next request. The new passcode is shown on a device's Summary page in Device Details.

  • Fixed an issue where the passcode for a device's user-initiated Run Playbook request could differ from the passcode shown on the device's Summary page after the device's passcode was changed. The updated passcode is now shown in both locations.

  • The request date that is included in the default name of a Run Playbook request is now based on the user's profile time zone instead of UTC.
Reports

  • When exporting a report to Excel (.xlsx) file format, the report is now automatically exported in CSV file format when the report includes more than 1 million rows. Reports of this size are not supported in Excel.

  • When scheduling a report to be sent in Excel (.xlsx) file format, the report is now automatically sent in compressed CSV file format when the report includes more than 1 million rows. Reports of this size are not supported in Excel.
Rules

  • Action rules based on a Custom Data data point now support data point values that include a decimal point.

  • Previously, when an Action rule was based on the Domain device state, the rule may have failed to be triggered when a device was re-enrolled (Domain changed from null to a value). This issue is now fixed.
Secure Endpoint Agent

  • To help you troubleshoot agent upgrade issues, the following messages may now be displayed when you hover over a icon in the Agent version field (or report column):

    • Failed to uninstall component
    • Component failed to communicate with the server
    • Component uninstallation requires device reboot

    Learn more

Script library

  • The Upload files to network shared folder (WC_UploadFilesToSharedFolder.ps1) script has been updated to add a security enhancement.
Utilities

  • The readme file included in the Network Diagnostics Tool download package now includes the hostnames associated with the following console login URLs:

    • cc.in1.absolute.com

    • cc.uk1.absolute.com
Windows support

  • The Secure Endpoint Agent now supports Windows Server 2022 Datacenter Edition. Note that the following features aren't supported on this platform:

    • The detection of installed anti-malware applications

    • Device Wipe

    • Geolocation tracking

    • Playbooks (Absolute Rehydrate)