I would like to see a DMARC monitoring solution implemented in the future. With M365 integration coming down the pipeline, this could be a useful addition if it is not already planned. I can picture some simple reporting and alerts to help identify targeted attacks or misconfigurations for a domain.
Support the ability to manage the built-in Windows firewall on endpoints. This would allow for "patching holes" and bring in the potential for a "lockdown" mode when malware hits.
Ransomware Data Recovery - Check
Check to see if Ransomware Data Recovery is enabled in Windows Defender.
Huntress Discovery functionality
A capability to discover devices that should have Huntress on them, but do not, would be nice. Similar to the SentinelOne Ranger feature. We currently rely on our RMM to deploy Huntress and we have built in logic to redeploy Huntress if it is removed. We had a peer recently get compromised and their RMM was removed. This also requires the RMM to realize Huntress has been fully uninstalled. Having a native capability in Huntress to find devices on the network that are supported and send alerts if they do not have Huntress installed would help fill some gaps in the process.
Password protect installation
Users may not know the software and/or don't want it because IT installed it. Would be nice to password protect the installation to require a PIN or something to remove.
It would be nice if the agent couldn't be uninstalled locally. Just like SentinelOne, you have to go into the portal and send an uninstall command before it can be locally removed from the machine. More security just in case the local user has admin access to their machine. Thank you.
Enable the control of BitLocker from the Huntress portal. Also BitLocker key storage.
Isolated Host Exclusion
I think it would be great to have the ability to exclude isolated machines from auto-decommission.