This feature would be VERY valuable. Many/Most/All of our tenants do not have the P1/P2 license. But the data is still there. Entra Admin shows the user accounts and whether MFA is disabled/enabled/enforced. So Huntress should be able to pull that and accurately display that in ITDR. Hugely beneficial.

We really really need visibility on clients that don't have P1 and/or don't use Microsoft authenticator. We deal with A LOT of small clients that don't have the budget for Premium. For us the MFA feature in Huntress is currently useless.

The MFA data is actually not currently accurately represented in the ITDR management interface. If you manually apply MFA to individual identities, yes, it is accurate, but if you apply MFA via policy (for instance, create a group whereby any identity added to the group has MFA forced on it) the ITDR management interface currently utterly ignores that these identities are MFA-enabled. With larger clients management by policy is the only realistic approach. We hope to see ITDR catch up to this reality. Case and point: we have a client with 678 identities - totally impractical to manage MFA identity-by-identity, so we do so by policy. ITDR management says that 305 of them are not MFA-enabled, but the reality is that only 5 of them are not MFA-enabled. The filter simply does not see MFA-enabled identities that were MFA-enabled by policy.

Including "last interactive login" in the table view makes a lot of sense to me. Or better yet, last activity. I suspect a lot of the users I see with MFA off in this view are stale accounts. Having this "recent activity" information would make it easy to just lock out the accounts and move on.

There are a few ideas discussed here. What is the summary of the planned feature?