We've officially stopped supporting Teramind Dashboard (Android) and Teramind Time Tracker (iOS) apps. After January 31, 2023, Teramind has stopped providing updates or technical support for these apps.

You can still access the Teramind Dashboard from a mobile device. It's fully mobile-ready and responsive.

We have added a new, Password Policy section under the Settings > Security screen:

The settings under the Password Policy will help you enforce password rules to increase the security of your user accounts. These rules will be enforced whenever a user password is created or changed. Here's an explanation of each option:

You can now track online meetings for the WebEx web version:

The meetings will show up as Webex under the Monitoring > Online Meetings (Applications column) but on the Employee > Activity Log report (Process/URL column), you will be able to see the actual process/URL of the meeting (e.g., meet130.webex.com).

We have added a new CREATE BEHAVIOR RULE button on the Filter Panel of the BI Reports. This will help you create rules from the filters:

To use this feature:

A new column, Matched triggers is added to the grid widget on the BI Reports > Behavior Alerts report. This column shows what triggered the rule and exactly what rule criteria and conditions were detected when the rule was violated:

This data point, along with the Description data point will help you better investigate a rule violation incident and gather more contextual insights.

Note that, this column works similarly to the SHOW TRIGGERS button on the (now deprecated) Behavior > Alerts report.

Two new conditions, Time Focused and Total Time Focused are added to the Webpages and Applications Activity-based rules:

Here's how these two conditions work:

Most modern browsers have a password manager that prompts you to save passwords from login forms on websites. While this is convenient, it's a security risk.

Teramind has introduced a new option, DISABLE BUILT-IN PASSWORD MANAGER OF KNOWN BROWSERS to disable built-in password managers in the browsers. You can access this option by clicking the ADVANCED button on the Monitoring Settings > monitoring profile screen:

Once enabled, it will disable the password-saving option on any supported browsers. The user will not be able to override the option. However, independent password managers such as LastPass will still work.

Note that, if the ALLOW APPLICATION RESTARTING option is enabled, Teramind will automatically restart any open browsers so that the DISABLE BUILT-IN PASSWORD MANAGER OF KNOWN BROWSERS setting can take effect automatically. Otherwise, you will have to manually restart the browsers.

A new option, ALLOW APPLICATION RESTARTING is added which can be accessed by clicking the ADVANCED button on the Monitoring Settings > monitoring profile screen:

We have added a toggle option, VERIFY SERVER CERTIFICATE on the Settings > SMTP screen:

If disabled, it will force the system to ignore any invalid certificates. This is useful when you want to use your own self-signed certificate which isn't trusted. Note that if you disable this option, the TRUSTED CERTIFICATE option will become hidden and you won't be able to upload any trusted CA certificate.

We have updated the user avatars to make them more modern and responsive:

We have also updated some of the menu items, icons, scrollbar, etc.:

By default, Teramind Stealth/Hidden Agent isn't shown on the Windows list of installed programs (known as the Add or remove programs or ARP list). In this release, a new command line option TMADDENTRYTOARP is added to the installer. If used, it will allow you to add the Stealth/Hidden Agent to the installed programs list on Windows. For example:

The result will look like this:

Currently, the Agent name is dwm.exe. However, Windows also has a service with the same name for its Desktop Windows Manager. We've added a new command line parameter, TMAGENTEXE so that you can change the default Agent name to something else to make it more clear and avoid confusion with Windows' services. You can use the parameter when installing the Agent. For example:

The Agent will then appear under the new name (e.g., "my_agent.exe") on the Windows Task Manager:

We have added the ability to obfuscate the usernames with an MD5 hash so that they are anonymized. This feature can be enabled with the new command line parameter, TMHASHUSERNAMES during the installation of the Agent. For example:

This will add a hash-user-names parameter to the Teramind configuration file (config.cfg). You can also manually add the line to the config file:

The user will then appear like the example below:

We have added several parameters to configure the SOCKS proxy when installing the Agent. You can also configure them from the Teramind configuration file (config.cfg):

Here's an example:

Usually, when you connect to a computer over an RDP session, the Agent sends the IP address of the client to the server. However, for privacy or security reasons, you might not want to expose the client IP to the server.

We have added a command line option, TMHIDERDPCLIENTIP that will let you hide the client IP address from the server:

It will simply replace the actual IP address with 0.0.0.0 The command will also add a hide-rdp-client-ip parameter to the Teramind configuration file (config.cfg). You can also manually add the line to the config file:

A new API POST functionality elastic-search-screen is added to the Teramind API which will allow you to search records directly in the Teramind Elasticsearch database. For more information about how to use this feature, please consult our API documentation.

We have added support for better request schema, user input validation and TypeScript types generation:

This will help you adapt and use Teramind API more effectively and troubleshoot issues quicker. For more information, please consult our API documentation.

From now on, Teramind will be using a new versioning scheme for the Mac Agents: <major>.<minor>.<build number>. For example, 1.233.1015.

This will simplify version control and help admins keep track of which computers have which app installed. Especially, if you are using a custom agent, it will help decide what/when you need to update.

The Mac Agent is now able to monitor TCP/IPv4-based network connections on macOS 11 (Big Sur) and later.

You will be able to see the users' network activities under the Monitoring > Network Monitoring report:

Here are a few things to note:

Agent support for the Networking Activity-based rules is now available on macOS 11 (Big Sur) and later.

You can create a Networking rule by clicking the ADD RULE FOR THIS POLICY button on the Behavior > Policies screen:

Here are a few things to note:

Please see the Rules Guide >Activity Rules: What Activities Can You Detect? > Networking section to learn more.

The Agent now supports the Lock Out User rule action:

Here are a few things to note:

Please see the Rules Guide >Defining Rule Actions > Lock Out User Action section to learn more.

The installation/uninstallation process for the Mac Agent has changed slightly. The documentation has been updated to reflect the changes.

Previously, the Dashboard wouldn't check if the Heatmap Chart widget is configured properly, causing the users to sometimes configure it incorrectly. This would show an error on the Widget, and no data would be displayed.

Changes were made to the Heatmap Chart Widget so that it will now enforce proper configuration:

The chart will now require:

If any one of the conditions isn't satisfied, the user will not be able to save the widget.

Previously, IM-based rules wouldn't have the proper trigger information for some specific activities. For example, when a rule like the one below was used, it wouldn't show what triggered the rule (file upload), creating confusion about false alerts:

With the trigger information, you will have more context on the rule's warning messages and the alert reports (e.g., Behavior > Alerts or BI Reports > Behavior Alerts):

Previously, you might have seen a lot of irrelevant information in the file names for uploaded/downloaded files on Facebook Messenger. For example:

Now it will show, precise, clean file names, such as:

Teramind will now use the SNI (Server Name Indication) for the DON'T MONITOR WEB TRAFFIC FOR THESE IPS and MONITOR WEB TRAFFIC ONLY FOR THESE IPS settings under Monitoring Settings > Websites:

This will let the Agent better handle browsers that use HTTPS proxy servers over TLS protocol.

In a multi-node deployment, disabling ENABLE SSH ACCESS option on Settings > Server management would disable access to the application server(s) only. But you could still SSH into mining or other types of nodes:

With the new improvement, disabling SSH access will block access to all nodes.

We have added a limit of 32,000 entries for uploaded files in Configure > Shared List. This is to prevent spamming and improve the processing speed when the list is used inside behavior rules or monitoring settings.

Changes were made to the Teramind start-up sequence so that the Teramind kernel driver, tm_filter will no longer automatically start when Windows boots. Instead, the Agent will run the service when needed.

When an Agent was updated, it would keep artifacts for the old Agent that was installed with a custom name. Improvements were made so there will be no artifacts left out from the old installation.

Now, the tooltip that shows up when hovering over a user's name will also show their email address. This way, if you have multiple employees with the same name, you will be able to better distinguish them on:

We have added various measures to prevent memory leaks and fragmentations during server peaks. This will ensure better stability and reliability.

We have made some improvements to our OCR mining process that will make it more stable and responsive.

Various security improvements and hardening.

Due to a bug in our document parser, documents printed using the Microsoft Print to PDF virtual printer wouldn't capture properly. You might see a Document is not uploaded yet. Please try again later message or a window with missing images when trying to view the document on the BI Reports > Printing or Monitoring Reports > Printing screen:

You might also see an error, [warning] [PrinterMonitor] can't parse spool file on the Agent log file. The bug is fixed now.

On some Cloud instances, you might have noticed that the Classify option on the BI Reports >Applications & Websites > Grid Widget doesn't work:

Selecting the option is supposed to show a pop-up window where you can classify the selected website/app. But in reality, it would do nothing. The bug is fixed now.

You might have noticed that the Document Name column on the Grid widget on the BI Reports > Printing contains a “}” symbol at the end of the document name. This bug is fixed now.

In some rare circumstances, a BI Report might fail to export if it contained a Grid widget with a certain combination of columns:

This bug is fixed now.

If you delete a cloned BI Report it should also delete any scheduled export the report have:

However, due to a bug, you might still be receiving automated emails with the scheduled export from a deleted report. The bug is fixed now.

If you manually selected users (by turning off the INHERIT POLICY SETTINGS option) on the Rules Editor's User tab, then disabled the rule or the policy (from the Behavior Policies screen), it would reset the INHERIT POLICY SETTINGS option (turn it back on) and you would lose any users you selected before:
​

The bug is fixed now.

Due to a bug, Files-based rules like the one below wouldn't trigger properly for activities on a CD/DVD-R/RW disk formatted in the flash/LFS file system:

The bug is fixed now.

Due to a bug, keypresses for certain special key combinations such as Shift + Del / Ctrl + Del / Shift + B, etc. wouldn't get detected on the BI Reports > Keystrokes or Monitoring > Keystrokes report. Any Keystrokes Activity Rules based on such keystrokes wouldn't get triggered either:

The bug is fixed now.

Email distribution lists (especially in Outlook) weren't detected properly in the Emails Activity Rules. As a result, a rule like the one below wouldn't work:

In the rule, the Exclude condition should match any domain containing @teramind. As a result, any email sent to the distribution list Developers - Miami ([email protected]) shouldn't have been detected. But due to a bug, the email was still detected.

This bug is fixed now.

Due to a bug in the Rules engine, Browser Plugin-based Activity rules like the one below wouldn't trigger for Opera, Firefox, Microsoft and Chromium Edge browsers.

The bug is fixed now.

If an OCR rule contained both \ and / it wouldn't be triggered:

The bug is fixed now.

Due to the recent Box updates, Files-based rules like the ones below wouldn't trigger for Box Drives (Box Sync would still work):

The bug is fixed now.

Due to a bug, a Webpages-based rule like the one below which uses an EXCEPT/EXCLUDE condition and any of the Time Active, Time Idle, Total Time Active, Total Time Idle criteria wouldn't trigger:

In the above case, if you visited a site, not on the exclude list (e.g., google.com), then after 10 minutes of inactivity, it should have triggered the rule. However, it wouldn't.

The bug is fixed now.

If you selected a period that had a DST end date in it (e.g., November 6), the Productivity > Time worked and Time Tracking > Time cards reports wouldn't show any data after the DST end date. Or, it would show an error Invalid period supplied. Please specify period within a calendar week (1-7 days):

But if you selected a period after the DST (e.g., November 7 - November 13), the data would show up correctly:

The bug is fixed now.

You might have noticed a warning message like the one below when trying to add a new employee, on the welcome screen and other places:

The warning is actually applicable to an On-Premise deployment and shouldn't be shown to a Cloud customer. The bug is fixed now.

Due to a bug, scheduled days on the Configure > Schedules > SCHEDULING tab get shifted by a day when you change the DEFAULT LANGUAGE on the Settings > Localization screen:

The bug is fixed now.

In some rare situations, you might have noticed the System > System Log report fails with an Internal Server Error message:

There are several reasons this could happen: an Active Directory LDAP sync issue causing some users to be deleted from the departments, but still displayed on UI leading to empty users. Or, it could be a faulty API call. Measures were implemented to handle such scenarios or bugs.

In some situations, exported videos from the Session Player (Video Player) wouldn't have any audio even though the DISABLE SOUND option is unchecked. The audio would play fine on the player itself:

The bug is fixed now.

Windows have an option on its sound settings to toggle the Exclusive mode for a microphone. If this mode was turned on, the Agent wouldn't be able to capture any audio from the microphone:

Even if you turned it off, Zoom, MS Teams or another application might override the setting each time they are updated. The bug was fixed so that audio recording will work irrespective of the Exclusive mode setting.

Due to a bug, if you conducted an OCR search from the Monitoring > OCR using the Wildcard option, the text would be detected, but it wouldn't highlight it on the captured screenshots:

The bug is fixed now.

After updating to Agent 7.0, you might be unable to visit any websites on the Tor browser and see a message like the one below:

This was due to Tor not trusting the Quick Web Proxy that Teramind Agent injects into the browser for monitoring web traffic. The bug is fixed now.

After updating to Agent 7.0, you might not be able to track any console commands (e.g., from the Command prompt, the PowerShell) and they wouldn't show up on the BI Reports > Console Commands or the Monitoring > Console Commands report. For example, here's a result from two ping commands:

The bug is fixed now.

If you are on Agent 6.0, you might have noticed that incoming emails wouldn't get captured. The bug is fixed in later versions of the Agent.

You might have noticed that the printer sometimes pauses unexpectedly when printing from a server to a printer. For example, when printing from a server/web portal that uses a local account on a workstation that connects to a printer. The bug is fixed now.

Due to a bug, you might not be able to select/copy text from any of the Monitoring or Productivity reports. The bug is fixed now.

Teramind's Agent driver services can be controlled from the Monitoring Settings > Advanced panel. When the FILE DRIVER and NETWORK DRIVER options on the Advanced panel are disabled, you would expect the corresponding tmfsdrv2 and tm_filter services to be stopped too. However, due to a bug, they would still be shown as RUNNING on the Command terminal:

The bug is fixed now.

Due to a bug, the DLP driver wouldn't activate even when the FILE DRIVER option is turned on under the Monitoring Settings > Advanced screen:

The bug is fixed now. You can verify the driver is working properly in the Agent log. If it is activated, you should see a message like this:

Due to a bug, when you turned off the NETWORK DRIVER option under the Monitoring Settings > Advanced screen, it would cause the Agent to disconnect and connect repeatedly:

The bug is fixed now.

Due to a bug, you wouldn't be able to update the Agent remotely (Computers > Action menu > Update agents) if you assigned custom ports under Settings > Server management > Server Ports:

The bug is fixed now.

Due to a bug, Server ports settings (MANAGEMENT INTERFACE PORT, LOAD BALANCER PORT) on the Settings > Server Management tab wouldn't retain their values when you changed the ports and saved the settings:

The settings would save, but they wouldn't be updated on the dashboard. The bug is fixed now.

Due to an unhandled exception, you might have experienced server crashes when connecting to a SIEM system. The bug is fixed now.

If you tried to download any Agent (User Menu > Download Teramind Agent), it would download it using the internal IP address for the download link instead of using the public IP.

The bug is fixed now.

You might have noticed that in some situations, the Onboarding Wizard screen get darker when you enter the Welcome section:

The bug is fixed now.

If a user changed their own password from their profile, (by clicking the user's name on the top-right corner of the dashboard and selecting My Profile > ACCOUNT INFO) it would work fine for the dashboard login. But, the password wouldn't update in the Revealed Agent:

They could still log in with the old password. And, if the password was changed by an admin, it would work.

The bug is fixed now.

You might have experienced high CPU and memory usage when using Microsoft Teams, and it might crash occasionally.

The bug is fixed now.

Due to a bug in the installer, the Agent update would fail if the Agent has a custom name. This would affect installation from both the Dashboard and the command terminal.

The bug is fixed now.

On Agent 7.0, if two (or more) users logged into the same computer at the same time, it would crash the Agent and you would see that the second user is reconnected every second on the Dashboard. The bug is fixed now.

On Agent 7.0, if you stopped and then restarted the Agent, the file driver (tmfsdrv2) would remain stopped while all the other services keep running. The bug is fixed now.

Several fixes were implemented related to the UI. For example, missing translations, missing tooltips, appearances of unexpected characters in the text, misaligned labels, extra spaces in the header, etc.

You might have noticed that, during the uninstall process, the uninstaller would open all minimized windows at the end of the process, when it's removing the NetApp extension. The bug is fixed.