
Cybersecurity Modules
1.Modules for Protecting Endpoints
1.1 Endpoint Security
Safeguard endpoint devices and protect your business with the Coro
Endpoint Security module. It automatically identifies and logs all devices,
scanning for malware, suspicious activity, and human errors.
The Endpoint Security module detects unusual behavior and neutralizes
threats before they can cause harm.
Capabilities:
-
Device Posture: Sets device policies according to device vulnerabilities
-
Allowlist/Blacklist: Creates allow lists and block lists for files, folders, and processes to reduce tickets triggered by unknown activities
-
Advanced Threat Control: Blocks any processes that exhibit suspicious behavior
-
Scheduled Malware Scans: Schedules daily, weekly, or off-hours malware scans on Windows, macOS, and Linux agents
-
Multilingual Support: Provides additional support for Spanish, Italian and French

1.2 Endpoint Detection and Response
Endpoint Detection & Response (EDR) module provides proactive, real-time protection for interconnected endpoint devices and the broader network against sophisticated cyber threats. Leveraging behavior-based detection and continuous monitoring,
Coro EDR identifies threats in real-time, preventing them from going
unnoticed for extended periods.
Capabilities:
-
Telemetry Tab: Collects and organizes forensic details from devices
-
Process Graph: Visualizes process lineage and parent-child
relationships to trace threats -
Process Tab: Displays an aggregated view of all executed processes
-
EDR On/Off: Allows users to enable or disable EDR enforcement

1.3 Wifi Phishing
The WiFi Phishing add-on guards endpoints outside the LAN (local area network) by preventing connections to suspicious WiFi access points. It works by detecting connections to WiFi access points that are suspicious of man-in-the-middle attacks aimed at hijacking device communication.
Protects:
-
All devices in your workspace
-
Specific groups of devices
-
Remote/ traveling employees

1.4 Mobile Device Management
Coro's Mobile Device Management (MDM) module simplifies the management and
security of company-owned and Bring Your Own Device (BYOD) work-related mobile devices.
It enables IT teams to enforce app policies, manage apps, and ensure company policy
compliance. The module gives visibility into mobile devices, ensuring efficient device
management across the organization.
Capabilities:
-
iOS and iPadOS Device Enrollment: Enrolls devices via DEP or through MAID
-
Application Policy: Defines and enforces rules for app use, including install/remove
-
restrictions, blocking in-app purchases, and locking system defaults
-
Lost Mode: Locks supervised devices, shows custom contact info, and tracks location
-
when powered on
-
Remote App Installation: Installs required apps on employee devices directly from
-
the console
-
Device Management: Remotely wipes data from compromised devices,
-
marks devices for disenrollment to remove profiles and policies, and removes
-
devices that are inactive or disenrolled
-
Multilingual Support: Provides additional support for Spanish, Italian and French

2. Modules for Protecting Email and Users
2.1 Email Security
Mobile Device Management (MDM) module simplifies the management and
security of company-owned and Bring Your Own Device (BYOD)
work-related mobile devices.
It enables IT teams to enforce app policies, manage apps, and
ensure company policy
compliance. The module gives visibility into mobile devices,
ensuring efficient device
management across the organization.
Capabilities:
-
iOS and iPadOS Device Enrollment: Enrolls devices via DEP
-
or through MAID
-
Application Policy: Defines and enforces rules for app use,
-
including install/remove
-
restrictions, blocking in-app purchases, and locking system
-
defaults
-
Lost Mode: Locks supervised devices, shows custom contact info, and tracks location
-
when powered on
-
Remote App Installation: Installs required apps on employee devices directly from
-
the console
-
Device Management: Remotely wipes data from compromised devices,
-
marks devices for disenrollment to remove profiles and policies, and removes
-
devices that are inactive or disenrolled
-
Multilingual Support: Provides additional support for Spanish, Italian and French

2.2 Secure Messages
The Secure Messages add-on lets you encrypt outbound emails. With this module, you can use a private key to ensure only the intended recipients to access emails.
Works with:
-
Microsoft O365
-
Google Workspaces
-
Desktop email
-
Mobile email apps

2.3 Inbound Gateway
The Inbound Gateway add-on is a proxy that provides real-time detection and protection for incoming emails. It lets you intercept inbound emails and inspect them, allowing only threat-free or trusted emails to reach recipients.
You can choose between the following for suspicious
emails:
-
Warning Only: Emails are not blocked but are
marked with explanatory warnings for the recipients -
Block: Emails are blocked and can only be
-
released from quarantine by workspace
administrators

3. Modules for Protecting Network and Cloud Environments
3.1 Network
Network module is built for distributed and remote workforces and
enables organizations to create a secure virtual office, protecting against external and internal threats. It secures computer networks, and the data transmitted across them by offering a choice of enterprise and military grade encryption VPN and Zero Trust Network Access (ZTNA).
These advanced defenses replace traditional firewalls, providing superior protection without the complexity of hardware installation or the need for
large IT teams.
Capabilities:
-
Zero Trust Network Access: Applies user or device-based ZTNA to ensure only verified users and devices access resources, reinforced by MFA and Trusted Networks
-
Mobile App: Enables ZTNA or virtual private network (VPN) protection and DNS filtering on iOS and Android
-
Site-To-Site Tunnels: Enables secure communication between the virtual office network and other physical and virtual networks of the customer
-
Multilingual Support: Provides additional support for Spanish, Italian and French

3.2 Secure Web Gateway
The Secure Web Gateway (SWG) lets you apply DNS filtering to restrict network traffic. DNS filtering can protect your business from malware,
viruses, and other potential threats.
Capabilities:
-
DNS Filtering: Blocks access to undesired external resources
from your virtual office -
Allow/Block Lists: Restricts access to specific URLs, groups
of URLs, or content categories -
SWG Categories per Label: Enables admins to apply DNS
filtering policies by device label -
SWG Dashboard: Provides deeper visibility into DNS activity

4. Modules for Protecting Cloud Environments
4.1 Cloud App
Cloud App Security module provides advanced malware detection and robust remediation capabilities to protect users, their cloud drives and apps.
By securely connecting cloud applications, It ensures monitored,
protected, and controlled user access, enabling businesses to
safeguard data and apps against a wide variety of threats.
Capabilities:
-
Cloud Applications: Connects, monitors and controls a range of
cloud apps: Microsoft Office 365, Google Workspace, Slack,
Dropbox, Box, and Salesforce -
Access Permissions: Allows admins to set permissions for specific
groups, specific users, or all users, with access restricted by
country or IP -
Impossible Traveler: Detects login attempts from distant locations in unrealistically short intervals, helping identify potential credential compromise or unauthorized access
-
Dedicated “Quarantine” Folder: Stores detected malicious files in the "Suspected folder" and creates a ticket for the event
-
Third Party Applications Tab: Lists and manages third-party apps connected to MS 365 and Google Workspace, offering control and visibility into app usage within the organization

5. Modules for Data Protection
5.1 Endpoint Data Governance
Endpoint Data Governance refers to the strategy, policies, and technical controls used to manage, secure, and monitor data as it is processed, stored, or transmitted by endpoints which are the remote devices that connect to an organization's network.
Endpoints are devices like laptops, desktops, smartphones, tablets, and servers. Data Governance is the overarching rulebook for how data should be handled. Therefore, endpoint data governance focuses specifically on protecting data at the furthest edges of your network where users interact with it.
Why Endpoint Data Governance Matters
Endpoints are often the weakest link in an organization's security posture. Because employees use these devices to access corporate data from various locations (home, coffee shops, offices), endpoints are highly vulnerable to data leaks, theft, and unauthorized access.
Effective endpoint data governance ensures that even if a device leaves the physical office, the corporate data residing on it remains secure and compliant with relevant regulations.
The Endpoint Data Governance module protects sensitive and critical data on endpoint devices. It monitors how data on these devices is stored, detecting and preventing unauthorized use, accidental loss, risky data sharing, or violations of data protection policies. Endpoint Data Governance comes pre-configured with baseline security policies and ensures endpoint devices comply with data protection policies from day one.
Capabilities:
-
Regulatory Data Configuration: Enables the configuration of various sensitive data types, such as PHI, PCI, PII, and NPI, ensuring compliance with data protection laws
-
Manual Scanning: Provides the ability to perform on-demand scans from the Coro Console of endpoint devices to check for sensitive data exposure (e.g., PHI, PCI, PII, NPI) and mitigate risks in real-time
-
Scheduled Scans: Admins can schedule automated scans on endpoint devices to check for sensitive data stored on storage drives, ensuring continuous protection and early detection of potential risks
-
Unified Ticketing for All Datatypes: Automatically consolidates all sensitive data type detections from endpoint into one unified ticket
5.2 User Data Governance
User Data Governance refers to the policies, processes,
and technical controls an organization uses to manage, protect,
and ethically handle the personal information collected from its
users, customers, or employees.
If endpoint data governance is about securing the devices where
data lives, user data governance is entirely about the people
behind the data—protecting their identity, their privacy, and
their rights.
The User Data Governance module enables businesses to
detect unauthorized sharing or access of sensitive data.
Through continuous monitoring of user behavior and data exposure, it ensures that sensitive data such as personal details, health records, and payment information is only accessible to authorized individuals and compliant with data protection regulations such as GDPR, HIPAA, and PCI-DSS.
Capabilities:
-
Outbound Gateway: Enables real-time monitoring and blocking of outbound emails that violate an organization's sensitive data policies
-
Regulatory Data Configuration: Enables the configuration of various sensitive data types, such as PHI, PCI, PII, and NPI, ensuring compliance with data protection laws
-
Continuous Monitoring: Monitors and scans unusual data-sharing activities that might expose sensitive data (PHI, PCI, PII, NPI) via email or file-sharing
-
Access Permissions: Allows administrators to control user access to sensitive data by setting specific permissions for individuals, groups, or domains
-
Exclusions: Allows administrators to exclude emails from sensitive data scans based on specified keywords in the subject line
-
Unified Ticketing for All Data types: Automatically consolidates all sensitive data type detections from email and cloud activity into one unified ticket

6. Module for Security Awareness
6.1 Security Awareness Training
Security Awareness Training (SAT) module empowers leadership, employees and contractors with the knowledge and tools to recognize
phishing and social engineering attacks. SAT reduces
human error and strengthens your cybersecurity posture
through real-world phishing simulations and high-quality
security awareness training. Using SAT shows that your
business has proactively implemented security awareness
measures, mitigating legal, financial, insurance, and
reputational risks while safeguarding your organization
and leadership.
Capabilities:
-
Phishing Simulations: Simulates phishing attacks to
assess vulnerabilities and raise awareness -
Adaptive Training: Uses adaptive training to personalize
learning based on security risks and user behavior -
Training Courses: Delivers focused courses on best-practice cybersecurity via videos and quizzes
-
Reporting: Delivers powerful analytics including simulations engagement, phishing failure and training completion rates

