Application Control (Zero Trust)
in progress
Chris Bisnett
Many security and compliance frameworks require organizations to enable and enforce some form of Application Control and to maintain a list of organization-approved applications that can be installed and run.
In the many conversations we've had with our partners and prospects, we've found that managing Application Control and maintaining a list of approved applications is a significant burden even for larger teams and nearly impossible for small teams. The journey of starting in audit mode and building a list of approved applications and eventually getting to enforced mode is one that many folks never finish.
Our intention is to build a fully managed Application Control capability into the Huntress portal that will allow the Huntress SOC to manage and maintain lists of legitimate applications and will enable our partners to add those applications to approved lists, while maintaining a short feedback loop for end users so they don't get stuck waiting days for security approval.
This feature request will act as an umbrella for this functionality. If you are interested in helping us build this out by joining a Private Beta group, please upvote this feature request and we will email members of this group as we open up more spots in the beta.
D
David
I'd love to be included in any beta testing!
M
Michael McHugo
This would be incredibly helpful, shame to hear that we here in the UK can't get access to the beta.
C
Cody Arnold
Sign me up, we'd love to test this, definitely fills a need.
S
Sam Lassiter
love to participate in beta as well. Autoelevate likes to hide this feature behind another subscription. Added bonus with Applocker being weaponized to isolate edr tools it would be nice to ensure we are the ones in control of it.
B
Brian Applegate
The ability to approve software that's allowed to be on systems, and deny software we don't want on systems is critical to security and our success of securing and protecting our clients - not just from malicious actors, but from the users' themselves. Being alerted after the software is installed is one answer, but preventing anything from being installed that isn't approved is more secure, and more "enabling" because you can be sure your users aren't going to ruin your day, or even your morning, just because they clicked on something they shouldn't have.
C
Christopher Kinley
Love to join the beta
M
Matt Bowles
I love this because I recently became a big hater of ThreatLocker due to some policies they operate with but they don't have a lot of competition.
M
Mark Nelson
SMB - Single admin with the SEIM product and would be very interested in this.
We currently use "Admin by Request" for reference but would love to have this under a single portal.
Sonetics Corporation
C
Corey Kracht
Hey - would love to be invited to Alpha when its ready! Thanks!
Chris Bisnett
Merged in a post:
AppLocker and Windows Defender Application Control (WDAC) event reporting.
B
Brent Shore
Having the ability to monitor AppLocker and WDAC events in Huntress EDR would be extremely useful.
AppLocker
WDAC
Load More
→