Boards

Managed EDR

Integrations

Security Awareness Training

ITDR (MDR for Microsoft 365)

Reporting

macOS

UI/UX

MAV (Managed AV - Microsoft Defender)

Ransomware Canaries

Managed SIEM

API

SOC/Incident/Investigations/Escalations

Account/Organization/User Management

Powered by Canny

Managed EDR

Feature request: Report all devices that have Windows Defender tamper protection DISABLED

Huntress can show in each agent whether Defender tamper protection is enabled or not. To find & remediate these, it is impractical to check each one individually. A single page or report that shows all these devices would allow us to keep on top of this much more efficiently.

Add "Force Survey" button

After fixing "Unmanged" clients, it can take up to 24 hours for the portal to update. Support said that they need to send a force survey command. I would like to see a "Force Survey" button added to the client portal.

Windows EDR - Phishing Detection

Adding a new ability to detect phishing when a user connects to a fake web page with a spoofed favicon that does not match the Microsoft favicon

this quarter

Managed EDR - Linux Support

EDR Capabilities for specific flavors of Linux, offering the same level of security and protection as our Windows and MacOS agents.

next quarter

Windows EDR - Logon Auditing

Tracking and recording user logon and logoff events on a protected Endpoint to monitor access, ensure security, and detect unauthorized activities

next quarter

Add indicator for "Sensitive Data Mode"

The new Sensitive Data Mode (for compliance customers, such as CMMC) does not currently have any indicator that Sensitive Data Mode is on for them anywhere. It would be nice if there was even an icon that shows it enabled w/ a hover-text saying "Sensitive Data Mode Enabled" or something like that in the Org list. I realize we can't turn it on/off ourselves, but having an indicator would be ideal!

DNS allow list / cloud RMM and AV access for isolated endpoints

Huntress now supports an IP address allow list for isolated hosts, but this doesn't work with Cloud RMM, AV, or other tooling which typically uses dynamic IP addresses for agent connectivity. Vote here if you'd like to see this capability added. Even better, it would be great to hear what specific tools you'd want to use it with; the list of DNS names that need allowing for typical cloud tooling is long, and we could potentially preconfigure them (just check a box) for common-needed tools.

Add Exclusions using Agent Tags

Partner would like to have the ability to add exclusions via selecting agent tags as a group. This can help speed things up when there are a lot of endpoints (like 100+) to apply Defender Exclusions to that do not need to be added for the entire Organization. Currently 1 by 1 needs to be selected to add the exclusions to.

MDR - Ability to map 365 to different Organisations

Ability to map Office 365 Groups for MDR to other organisations in Huntress. For example Office 365 Mapped to Head Office Organization. 365 Group A mapped to Sub Organization 1, 365 Group B mapped to Sub Organization 2

Method of indicating an incident is "In Progress"

It would be great if there was a way to indicate an escalation or incident was being left open while being worked on. "Acknowledged" or "In Progress" come to mind as a status option. Useful for example while reaching out to confirm a user's location to make clear to the team it's been seen.

Load More

→

Powered by Canny