Managed EDR

Adding a new ability to detect phishing when a user connects to a fake web page with a spoofed favicon that does not match the Microsoft favicon

EDR Capabilities for specific flavors of Linux, offering the same level of security and protection as our Windows and MacOS agents.

Huntress reports are great, however sometimes, I'd like to see the "behind the scenes" of what the root cause was. I know we can see malware analysis in the defender portal, or by submitting a sample to any.run , but it would be nice to have some more information / on what the malware did, like a execution process map or something within huntress.

Huntress can show in each agent whether Defender tamper protection is enabled or not. To find & remediate these, it is impractical to check each one individually. A single page or report that shows all these devices would allow us to keep on top of this much more efficiently.

Ability to track new sign-in from a device not running the Huntress agent.

There is be an option to whitelist detected ScreenConnect hosts and alert to new ones. The new dashboard is great, but I'd like an alert any time there is a new one added.

It would be invaluble for huntress to be able to mark a file as tamper-proof/offer tamper protection for various system files. We had a TA bypass DUO by pushing changes to the host file and flooding the API to localhost .

Ability to add a subnet to allowlist. A lot of vendors provide IP "Subnets" instead of individual IPs.

Our RMM N-Able N-Central is auto-healing the service when it updates causing updates to fail. The limit in N-central to delay auto-heal upon detection of the service stopping is only 2 minutes 30 seconds. We had heard the team may be working on a way to prevent the service from being re-started during update which would hopefully prevent these failed updates from occurring

Support the ability to manage the built-in Windows firewall on endpoints. This would allow for "patching holes" and brings in the potential for a "lockdown" mode when malware hits.