Managed service providers can expect a wave of new cybersecurity capabilities across Kaseya’s Datto and SaaS Alerts product lines, following announcements made during the company’s Q3 Security Suite Innovation Update earlier this week. From enhanced endpoint detection and response features to deeper integrations with Kaseya SIEM, and new tools for SaaS threat detection and tenant management, the updates reflect Kaseya’s continued push to streamline security operations for MSPs. The roadmap spans immediate feature rollouts as well as longer-term innovations.
Changes Coming to Datto EDR and AV
New features are coming to Datto EDR and AV soon. Here’s what to expect.
Role-based access control, with a new role called an external analyst. This will allow MSPs to give clients access to the portal to view and respond to some alerts. This is ideal for MSPs operating in a co-managed environment. You will still manage the policies, but your clients will have visibility. This will launch in the next couple of weeks.
Desktop UI, from which you will be able to complete full and quick scans, see the list of quarantine files, and view the scan history. This will begin to be rolled out to a few partners over the next few weeks.
ARM64 chip set support, fully supporting EDRAD, ransomware detection, and ransomware rollback on x86 and x64 chip sets. The new support feature is coming by the end of this quarter.
Reporting enhancements for Datto AV reports, DNS secure reports, and more. This will be a priority for Q4; stay tuned for potential updates in the next product update webinar.
A Look at Datto Secure Edge’s Upcoming Roadmap
General Manager of Datto Networking Marcus Ward announced an upcoming integration with the Kaseya SIEM. “With any networking product, we’re looking at web traffic, application traffic, etc.,” Ward said. “We’re going to pipe that data over to the SIEM, so you can look at any sort of traffic information [easily].”
Other upcoming items on their roadmap include:
- ARM-based Windows client support, coming this quarter
- Enhanced firewall policies, including a fully hosted cloud firewall (no time frame was announced)
- Enhanced Geo-IP filtering, to be added in Q4
- Added trusted network detection, coming in the first half of 2026
- New Entra ID automation, able to add users and apply policies to groups, to be integrated early next year
Finally, in response to the rise in hybrid and remote work, Datto is looking to launch their firewall portfolio. This is intended to bridge the gap between “employees working outside the office who need a SASE-type solution, and those in office who will be behind a more traditional firewall,” Ward explained.
The portfolio is currently in early beta, and “offers a handful of options, ranging from a 500-megabit firewall up to a 5-gigabit model,” Ward said. “Of course, it’s going to be in this unified cloud management. So now you have this unified network security interface where you can manage SASE and firewall configurations in one place.”
If you’d like to join the beta program, sign up on Datto’s website.
New Features from SaaS Alerts
Austin O’Saben, product marketing manager at Kaseya, announced a few new features coming to SaaS Alerts, designed to help MSPs stay on top of the changing threat landscape.
Custom Detection Patterns. MSPs can now create their own custom detection patterns, tailored to threats that matter most to their customers. Custom patterns can be combined from up to 65 data sources, set to target alerts by organization or account, and apply fine grain filtering to pinpoint exactly what’s important. MSPs will also be able to customize alert severity levels and the alert delivery method. These changes are intended to reduce alert fatigue and avoid MSPs being flooded with irrelevant notifications, said O’Saben.
Fortify Module Snapshots. Fortify Module allows MSPs to set up security policies for their Microsoft tenants. The new Snapshots feature will enable MSPs to set up a “golden tenant,” then copy and paste those settings across all of their other Microsoft tenants, saving hours of manual configuration time.
Enhanced Suppression. The new Enhanced Event Suppression feature will make filtering for alerts easier and more efficient, minimizing false positives and alert fatigue. “The idea behind this is [MSPs] can now apply granular control filtering events based on any field within the event data, not just the user or single vent type like we had before,” explained O’Saben.
Google Workspace Account Management. A buildup of unused accounts in your client’s ecosystem increases the attack surface and their risk. This new feature allows MSPs to remove outdated accounts in a single sweep and create automated rules to continuously identify inactive accounts, such as any accounts with no activity in the last 30 days.
Related: If you missed our earlier Q&A with Kaseya CEO Rania Succar, see Kaseya CEO Rania Succar on Partner-Centric Growth, Innovation, and Empowering MSPs
