In response to partner feedback we have updated the cadence of Credential Reporting from weekly to monthly to allow partners and their end customers more time to remediate findings. We also changed this feature from opt-out to opt-in for existing accounts. Account admins can opt-in within Account Settings and those who do not opt-in can still review and export identified credential files from the Process Insight Dashboard.
Huntress now detects and reports on end users accessing possible credential files that are being stored insecurely.
All accounts will be opted-in to this feature by default on 11/8unless an admin opts out in Account Settings. Learn more about what this feature has already identified for our partners here.
With this new feature, you have the ability to export Process Insights Data to Amazon S3 Buckets that are set to US East Region 1. Please reach out to Huntress support if you would like this enabled, and check out this KB for further information: https://support.huntress.io/hc/en-us/articles/22006480117395
With this new feature, you can now opt-in to have your response to low-severity incidents automated by the Huntress SOC. Check out this support article to learn more about how this feature can save you time by automatically running assisted remediation tasks for all low-severity, agent-based incident reports without requiring additional approval by a partner admin.
With this new feature, the active user on a host that is isolated through Huntress will see a notification letting them know they have been isolated from the network and that they need to contact their IT administrator.
Learn more about the new End User Notifications and get answers to your questions.
We're excited to share that the new feature "Critical Incident Notification" is now live! This feature allows partner admins to add phone numbers to get notified out of band for critical incidents via phone call and SMS text notification. Follow along with this KB to see how you can add Incident Notification Contacts within Account Settings.
We are rolling out a new Escalation type for Managed Antivirus endpoints that use Microsoft Defender as the primary antivirus. This escalation will trigger for any endpoint that is set to Enforce for Managed Antivirus and the Microsoft Defender Real-time Protection engine has been disabled for longer than 2 hours. There is an ‘Email (Escalations)’ field in the Integration settings in Huntress that determines who is notified when this happens.
Learn more about Huntress Escalations and get answers to your questions.
We've added the ability to manage additional settings for Windows Defender through Huntress Managed Antivirus.
These settings are only available with the Huntress Agent version 0.13.52 or later.We've also added the ability to view Windows Tamper Protection status on the agent detail page.
On Thursday, June 29th, we released an update that will allow you to display all times shown in the Huntress portal in your preferred time instead of UTC.
To change your specific time zone, you will be able to change this setting by going to Preferences, selecting a time zone, entering your password, and clicking Update.
To leave more feedback about time zones or any other items, head to our feedback portal.
We will update our help articles soon to reflect the updates to the portal.
Thank you for all your feedback during the Huntress API Public Beta! We're excited that the API continues to be well received as we progress into General Availability.
What's changed since the public beta?# Where can I continue to submit feedback?
To better track our partner feedback, we've broken out the remaining API-related feature requests as logically as possible at feedback.huntress.com in the API Category. Some of these requests: If you have additional requests to add, we'd love to hear from you on our feedback page as we continue working on our product.