Exception for MDR accounts
complete
H
Howell Villeza
Need to improve on making an exception rule in part of the Huntress MDR for certain accounts in O365. There is instance that an account may require to access the GA into different GEO location. And in addition to this is the ability of the admin portal user to have the power to pre-configure the way the pre-remediations actions. Like having much control over the action that needs to be taken once there is detection of any anomaly's activity in the account.
Canny AI
Y
Yossi Leitner
Huntress Team, please comment on this.
It's extremely important to have this option. Clients don't want to have ITDR at all, because the lack of this feature.
D
Dom Shepherd
This would be a really good feature since sometimes licenses are required for an identity but the risk is so low (such as with shared mailboxes if they're completely disabled).
T
Teri Olson
We are running into the issue with schools as well. Would like to exclude A1 licenses in this case.
P
Peter Durand
Same problem for us as NW posted. Not only an issue for schools, but there can be reasons for small exclusions.
NW
This is a mess for us.
I appreciate this one is difficult, as money needs to be made, but we have scenarios where admin teams, and not students, need monitoring (as one example)
Shared should not be billable.
D
Dom Shepherd
NW Agreed
R
Russell Tammany
We also have a client where they are in a larger holding company tenant and would like to only monitor their domain mailboxes not all 6000 other users...
A
Alfie Parker
Russell Tammany We have a similar issue. Would be nice to apply to a security group or similar.
S
Salley'la Auer'la
complete
Identity Isolation exclusions are live!
Disable Huntress Managed Response's Identity Isolation for your entire account, specific organizations or even select users. To configure, you'll find the option under your account settings :)
S
Salley'la Auer'la
in progress
First part of this is coming soon :)
T
Tanner Stine
Expanding on this, organizations using Proofpoint for email security would have mail rejected if an account is placed in a disabled or blocked sign-in state. Optional isolation actions on an organization level might be appropriate.
Load More
→