Systems Status
Increase in false positive detections since 22nd of March - HEUR/AGEN.13
Incident Report for WithSecure services
This incident has been resolved.
Posted Apr 03, 2023 - 12:36 UTC
We have resumed releasing updates to our Capricorn engine. The latest update is F-Secure Capricorn Engine 2023-03-29_01.

If you encounter false positives please ensure that Security Cloud is enabled and report them to us via
Posted Mar 29, 2023 - 07:01 UTC
We have updated our detection logic in our security cloud to further improve the situation.
If you have disabled Security Cloud, we recommend to enable it.

We plan to continue releasing regular updates to our Capricorn engine tomorrow, 29th of March.
Subscribe to this incident to receive a notification about the release.
Posted Mar 28, 2023 - 11:27 UTC
The number of false positives has significantly decreased since the rollback on Friday, 24.3.

We continue to work on a permanent solution.
Posted Mar 27, 2023 - 09:31 UTC
We received a number of reports of increased false positive detections in the format of HEUR/AGEN.13* after a database update on the 22nd of March.

We have rolled back the update and are working on a permanent solution.

If you encounter false positives, please report them to us via
We apologize for the inconvenience caused.
Posted Mar 24, 2023 - 18:20 UTC
This incident affected: WithSecure Business Suite (Endpoints (Clients & Servers)) and WithSecure Elements Endpoint Protection (Endpoints (Clients & Servers)).