Boards

Managed EDR

Managed ITDR

Managed SAT

Managed SIEM

Endpoint Security Posture Management

Integrations, Webhooks, APIs

Account, Org, and User Management

Reporting & Dashboards

Powered by Canny

Managed EDR

Visibility of the AV product installed

When under EDR > Managed Antivirus, it would be nice to have a column that indicates what AV product is installed. For example, when a large organization is migrating to Huntress and they have a couple thousand devices on another EDR, it is not practical to filter "Other AV", then open each individual host, then click Antivirus to check what's installed and/or running. Bonus for a column labeled Defender AV Health. Also helpful in mass migration situations where there is a small gap between removing the old EDR and installing Huntress, but the admin wants to ensure Defender is disabled.

Automatically terminate processes when malicious activity is detected

The EDR Agent will be able to automatically respond to known malicious tradecraft

Path to ScreenConnect Detection

Huntress detects when ScreenConnect is used on a host which is great, but it would be helpful to know the path from which it was run so for multi session endpoints we can identify the path/user who executed Screen Connect.

Allow Hostnames in Isolation Whitelisting

As it says on the tin. Allow us to also enter hostnames in the tool whitelist of isolation. We have some tools that don't give us an IP block to whitelist only a few hostnames or sometimes a mix of both. Some of these are semi critical to keep functional for IR. Would be ideal to allow them through for the times Huntress alerts first.

Create a Desktop icon for the task bar

can you add a function allowing msp to deploy a systray icon to the desktop i have a couple of customers who requested that like they had with Sophos

Ability to turn off or mute "Sources are not reporting" Escalations for endpoints that are not always in a working state

Requesting on behalf of a Partner.

Remove Windows 10 Pro placeholder for endpoints that haven't surveyed.

Perhaps changing the placeholder "Windows 10 Pro" to "Awaiting Survey" for endpoints that haven't been surveyed after installation could help avoid confusion.

MacOS EDR - SIEM Log collection

Would be good to collect the Mac logs into the SIEM its a requirement for some of our clients right now and makes sense to be in Huntress.

future planned

DNS allow list / cloud RMM and AV access for isolated endpoints

Huntress now supports an IP address allow list for isolated hosts, but this doesn't work with Cloud RMM, AV, or other tooling which typically uses dynamic IP addresses for agent connectivity. Vote here if you'd like to see this capability added. Even better, it would be great to hear what specific tools you'd want to use it with; the list of DNS names that need allowing for typical cloud tooling is long, and we could potentially preconfigure them (just check a box) for common-needed tools.

Windows EDR - Logon Auditing

Tracking and recording user logon and logoff events on a protected Endpoint to monitor access, ensure security, and detect unauthorized activities

next quarter

Load More

→

Powered by Canny