Changelog
New updates and improvements to Stoïk.
Introducing Phishing 2.0
Phishing 2.0 is the new generation of phishing simulations in Stoïk Protect. It brings more reliable email delivery, more flexible campaigns, and deeper visibility, while ensuring a smooth transition from the previous version.
What’s new
Built to scale with your organization
Multi-tenant support to connect multiple Google Workspace and/or Microsoft 365 environments
Target specific employee groups created in advance
More control over your phishing simulations
Launch multiple phishing campaigns at the same time
Choose between one-shot or recurring campaigns
More realistic and precise simulations
Select specific phishing scenarios instead of generic templates
Phishing emails have been reworked to closely match real-world emails, increasing realism and effectiveness
Clearer insights, better reporting
Access detailed data and visual graphs to track performance over time
Measure employee behavior and campaign impact at a glance
A smoother, redesigned experience
Fully revamped UX/UI
Faster setup, easier navigation, and clearer actions across the entire phishing module
Important prerequisites
To use Phishing 2.0, you need:
Google Workspace or Microsoft 365
Employee synchronization via your email provider
Authorization for Stoïk to send phishing emails via API
Transition timeline
Existing phishing setups are automatically transposed to Phishing 2.0
If your setup does not meet the prerequisites, phishing emails will continue during a transition period.
At the end of the transition period, phishing simulations will stop until the setup is completed.
Learn more
Your Stoïk CSM is available to help you get started.
Email Security: Free Trial
Overview
You can now activate Stoïk Email Security with a 1-month free trial directly from Stoïk Protect. The free trial gives you access to the full Email Security experience, allowing you to evaluate the solution in real conditions — with real alerts and expert monitoring — before committing to a paid subscription.
Why It Matters
Try before you commit: Experience the value of Email Security with live detection and real-world usage.
Full feature access: The free trial includes the same detection, alerting, and SOC handling as the paid version.
Make an informed decision: Assess the impact of Email Security on your email risk posture with concrete data and insights.
How It Works
1. Activate the Free Trial
In Stoïk Protect, go to the Email tab and activate the Email Security Free Trial directly from the interface.
2. Connect your mailbox
Connect your email environment (Microsoft 365, or Google Workspace) in just a few steps. For detailed setup instructions, see: How to set-up Email Security?
3. Receive alerts and SOC handling
Once connected:
Suspicious emails and account compromise signals are detected in real time.
Alerts appear in Stoïk Protect exactly as they do for paying customers.
All alerts are reviewed and handled by the Stoïk SOC, ensuring expert investigation and response.
4. Stay informed during the trial
You will receive automated emails at key moments:
When the free trial starts
One week before the trial ends
When the trial period is over
These reminders help you track progress and decide on next steps.
To continue protecting your inbox and receive a tailored quote, book a quick call with a Stoïk Cyber Sales by clicking on Get a quote
Email Security: Coverage to All Microsoft O365 Licences
Overview
Email Security now supports all Microsoft O365 license types. All eligible mailboxes can access the same Email Security features, with no need to worry about license compatibility.
Depending on the Microsoft license type (detected automatically during setup), you may be asked to complete one or two additional configuration steps to finalize the connection.
Why It Matters
Simplified eligibility: All Microsoft O365 licenses are now supported for Email Security.
Consistent protection: Every eligible mailbox gets access to the same monitoring and detection capabilities.
Guided setup: Stoïk Protect automatically identifies the right setup path and guides you step by step.
How It Works
1. Connect your Microsoft 365 mailbox In Stoïk Protect, start the Email Security setup and connect your Microsoft 365 mailbox.
2. Accept permissions in Microsoft 365 In the Microsoft authentication pop-up, review and accept the requested permissions.
3. Follow the in-app guided setup path Stoïk Protect automatically detects your license type and redirects you to the correct setup flow:
Case 1 — No action needed You are directly redirected to the results page.
Case 2 — Minimal action required You need to click “Start recording user and admin activity” in Microsoft Purview.
Case 3 — Full setup required You need to configure Purview access, then click “Start recording user and admin activity”.
For the full onboarding guide, refer to How to set-up Email Security?
Table Component Revamp
Overview
The table component across Stoïk Protect has been fully redesigned to provide a smoother, faster, and more intuitive experience when navigating large datasets. This update significantly improves readability and interaction, offering users a more fluid and efficient way to explore information.
Why It Matters
Improved readability: A cleaner, more modern design makes large datasets easier to scan and interpret.
Faster navigation: Infinite scrolling replaces pagination for seamless, uninterrupted browsing.
Enhanced usability: Updated embedded elements (badges, user chips, etc.) and expandable columns make data exploration more flexible.
Better control: Users can now export the content of a table at any time using the export button located next to the search bar.
How It Works
1. Modernized Interface
Tables now feature a refreshed UI with improved spacing, contrast, and typography to ensure optimal readability across the platform.
2. Updated Embedded Components
Badges, chips, and other in-table components have been restyled for consistency and enhanced clarity.
3. Expandable Columns
Columns can now be expanded on demand to display additional information without cluttering the main view.
4. Infinite Scroll
Pagination has been replaced with infinite scrolling, allowing smooth access to large volumes of data.
5. Export Tables Easily
Users can export a table’s content at any time by clicking on the ... button located next to the table’s search bar.
Email Security: Display of Monitored Mailboxes
Overview
Users of Stoïk Email Security can now access a complete list of all monitored mailboxes directly in Stoïk Protect. This new view gives you full visibility into the mailboxes being analyzed for Business Email Compromise (BEC) indicators and whose inbound and outbound traffic is monitored for signs of potential fraud.
Each monitored mailbox now includes key details to help you track and understand its status at a glance:
User
Email address
Associated tenant
Status (Active / Inactive)
If a mailbox becomes Inactive, simply hover over the status to see the reason — making it quick and easy to identify and troubleshoot the issue.
Why It Matters
Visibility: Know exactly which mailboxes are being actively protected by Stoïk Email Security.
Clarity: Understand instantly why a mailbox might be inactive, with contextual explanations.
Efficiency: Reduce support requests and investigation time with self-service transparency.
How It Works
1. Access the Mailboxes List
In Stoïk Protect, navigate to Email > Mailboxes. You’ll see a list of all mailboxes currently monitored by Stoïk Email Security.
2. Review Mailbox Details
For each mailbox, the following information is displayed:
User: The associated account owner.
Email address: The exact monitored address.
Tenant: The Microsoft 365 tenant linked to the mailbox.
Status: Indicates whether the mailbox is Active or Inactive.
3. Check Inactive Mailboxes
If a mailbox is marked Inactive, hover over the status to view the reason — for example:
Connection expired
Access revoked
Temporary sync issue
This makes it easy to identify configuration or permission problems without contacting Stoïk support.
What’s New
Mailbox visibility
View the full list of mailboxes monitored by Stoïk Email Security directly in Stoïk Protect.
Status details
Hover over inactive mailboxes to see the cause and take action.
Centralized monitoring
Easily track users and tenants under active email protection.
Reduced support dependency
Diagnose inactive mailboxes quickly and independently.
In-app product announcements
Stoïk Protect now includes in-app product announcements to keep you informed of new features, improvements, and key updates — directly where you work.
Why It Matters New change
Visibility: Users are now informed of changes as they happen, directly inside Stoïk Protect.
Clarity: Updates are explained with context, so you understand what changed and why.
Engagement: Discover and adopt new features faster, without relying on external communications.
Autonomy: Stay up to date without needing to contact Stoïk’s CSM team.
MDR: Deployment on Mobile Devices from Stoïk Protect
Overview
You can now deploy your Managed Detection & Response (MDR) licenses directly on mobile devices from the Stoïk Protect interface.
No more support requests — your team can activate protection across phones and tablets in just a few clicks.
Why It Matters
Empower your team: Gain full autonomy to deploy MDR on mobile.
Save time: No more waiting for manual setup by Stoïk.
Stay protected everywhere: Extend your detection and response coverage to mobile devices seamlessly.
How It Works
Open Stoïk Protect
Go to Endpoint > Settings.
Deploy to Mobile
Under the Mobiles section, click Deploy.
Add Employees
Enter their email addresses manually, or
Upload a CSV file.
Automatic Email Invitation
Each employee receives a personalized email containing a QR code.
Activate on Mobile
On their mobile device, the employee should:
Download the CrowdStrike Falcon app.
Open it and scan the QR code received by email.
Done!
The EDR automatically installs, and the device appears in your monitored hosts list in Stoïk Protect.
Vulnerability & Asset Management Revamp
Overview
The vulnerability and asset management experience in Stoïk Protect has been completely redesigned to make it more intuitive and aligned with modern vulnerability management practices.
You can now discard vulnerabilities or assets, verify remediations, and track their lifecycle — all directly from Stoïk Protect.
Why It Matters
Simplified workflow: Manage vulnerabilities and assets directly from your scan results.
Better visibility: Understand the full lifecycle and review status of every vulnerability.
Faster handling: Reduced manual review for Stoïk CERT — more automation for you.
How It Works
1. Discard Vulnerabilities or Assets
From your scan results in Stoïk Protect, you can now exclude items directly:
Select a vulnerability or an asset.
Click Exclude in the new sticky footer.
Choose a discard reason:
Risk accepted
Third-party risk
False positive
Depending on the severity:
If the vulnerability is CRITICAL/HIGH, or linked to an asset that is, it will first be reviewed by a CERT analyst.
Otherwise, it will be automatically discarded.
The status updates in real time as your request progresses.
Verify Vulnerability Remediation
When a patch has been applied, you can confirm it directly in Stoïk Protect:
Select the vulnerability.
Click Verify.
Stoïk Protect automatically re-launches a scan for that asset.
If the issue is fixed, it disappears from the list and no longer impacts your risk score.
If not, it remains Active until resolved.
Status Definitions
ACTIVE
The vulnerability or asset is currently detected.
CERT REVIEW
Waiting for Stoïk CERT validation before discard is applied.
TO BE DISMISSED
Temporary state (2–3 minutes) before discard is finalized.
DISMISSED
The vulnerability/asset has been successfully discarded and remains visible in the main table.
What’s New
Simplified UX
A new sticky footer with Exclude and Verify buttons replaces the old discard request flow.
Clear discard categories
Standardized reasons: Risk accepted, Third-party risk, False positive.
More automatic discards
Vulnerabilities below HIGH severity are now automatically discarded.
Verify remediation flow
Click Verify to re-scan and validate that a vulnerability is patched.
Unified view
Discarded vulnerabilities and assets now remain visible in the same table — no more separate tab.
MDR: Host Uninstallation from Stoïk Protect
Overview
You can now uninstall MDR agents directly from Stoïk Protect — whether your endpoints are protected by CrowdStrike or SentinelOne.
This enhancement gives you full control over your MDR lifecycle, from deployment to removal, without needing Stoïk assistance.
Why It Matters
Autonomy: Manage agent removal directly from Stoïk Protect.
Security: Maintain proper authorization via MFA and token validation where required.
Visibility: Keep your endpoint inventory clean and up-to-date with clear host statuses.
How It Works
1. Access the Host List
In Stoïk Protect, navigate to Endpoints > Hosts.
Locate the host you want to uninstall.
2. Initiate the Uninstallation
MFA must have been enabled for at least 2 weeks on your account to create a valid token.
Click Uninstall Agent from the host’s action menu.
3. Uninstall
The uninstallation process varies according to your provider:
Uninstallation of CrowdStrike MDR agents requires a manual action with a token
Uninstallation of SentinelOne MDR agents is fully automated from Stoïk Protect
3. a. Uninstall CrowdStrike Agents
The CrowdStrike uninstallation token is displayed in the pop-in
You can follow those instructions to manually uninstall the agent, using this token
3. b. Uninstall SentinelOne Agents
No token or manual steps are required.
Stoïk Protect handles the entire removal flow automatically once you confirm the action.
4. Monitor the Progress
The host’s status updates in real time:
Uninstalling while the process runs.
Inactive once the agent is fully removed and stops reporting.
Host Statuses
Active
The agent is online and reporting normally.
Uninstalling
The uninstallation has been triggered from Stoïk Protect.
Inactive
The agent has been removed or hasn’t reported activity for 30 + days.
Stoïk Protect Onboarding: To-do List
Overview
We’ve redesigned the onboarding experience in Stoïk Protect to make it clearer, more guided, and immediately actionable.
The former Get Started tab has been replaced with a personalized To-do List embedded directly into the Home tab, so every user knows exactly what to do next to get fully set up.
Why It Matters
Clarity: The new onboarding checklist clearly shows where you stand in your Stoïk Protect setup.
Actionability: Each task includes direct links to complete steps without leaving the dashboard.
Personalization: The list adapts to your role and what’s already been configured for your organization.
Faster setup: Teams reach full protection readiness in fewer steps and with less guesswork.
How It Works
1. Access Your To-do List
Open Stoïk Protect › Home — your onboarding checklist appears at the top of the dashboard.
Each item represents an action required to complete your initial setup.
2. Complete the Key Steps
Invite your teammates
Add all relevant colleagues and decision-makers to Stoïk Protect so everyone has access to dashboards and alerts.
Join an onboarding session
Choose between a 1:1 setup session or a bulk onboarding flow depending on your company’s profile and number of endpoints.
Activate your prevention tools
Review which protection tools are not yet active. You can activate them directly or mark them as not relevant if already covered by another solution.
Discover Stoïk Managed Services
Book a call with a Stoïk Cyber Sales to learn how MDR and Email Security can strengthen your cyber-defense posture.
3. Track Your Progress
Completed items are automatically checked off.
Once all actions are complete, your organization’s onboarding status is marked 100 % Ready in the dashboard.
What’s New
Integrated onboarding in Home tab
The old Get Started page has been retired — onboarding steps now live directly in your Home dashboard.
Actionable checklist UX
Quick-access buttons to Invite, Join session, Activate, and Book a call.
Dynamic progress tracking
The list updates in real time as steps are completed.
Adaptive guidance
Steps adjust automatically based on the client’s configuration and protection level.
Last updated
Was this helpful?