The Traps agent does not create a post-detection event when it receives from WildFire a malware verdict for a macro file that had a previous non-malware verdict.
Traps agents running 6.1 version should not upgrade to any macOS 10.15 version. If you do so, your Traps agent will stop communicating with the Traps management service and your endpoint will become unprotected.
A Traps agent that was upgraded in the past cannot re-register to the Traps management service after the connection between them is lost due to corrupted cloud_frontend.db.Workaround: Uninstall Traps and re-install it on the endpoint.
When initiating a Live Terminal session on Windows endpoints, you cannot run GUI-based cmd commands like
For Behavioral Threat events on Mac endpoints, the
Analysistab of the security event displays the wrong year in the timeline.
On Linux endpoints, the Traps agent will not load the Linux kernel modules if it detected a system crash. The next time the agent uploads, the Anti-Malware flow will be in asynchronous mode and no data collection or Behavioral Threat Protection capabilities will be enabled.
When an unlicensed agent attempts to connect to Traps management service, its status in the Traps console appears as
Traps blocks processes signed by blacklisted signers when you configure the Action mode for Examine Portable Executables and DLLs as Report in a Malware Security profile.
When you configure Traps to quarantine malicious files, processes signed by blacklisted signers are not quarantined when they run on a Windows endpoint.
Agents on Mac endpoints running Symantec cannot be updated to Traps 6.1.
In some cases, when Traps management service fails to retrieve files from an endpoint, the process is still reported as successful instead of failed. The downloaded manifest file includes the error description.