Reporting & Dashboards

This update will allow for Customers and Partners to see the full timeline of adversary actions taken, detection triggered, and investigative and remediation actions taken by Huntress SOC analysts, in a chronological timeline view

This update will give Customers and Partners the ability to configure the details of where, when and who an Escalation will be sent to and reduce frequency of notifications

Starting with Ransomware detections, correlate signals between different Huntress products to uncover suspicious activity, tying compromised identities and endpoints together.

Multiple endpoints that are part of a single incident will be included in the same report, simplifying our reporting and showing correlation across an infrastructure

I see quite a few requests for exports on different areas of Huntress dashboards. I think it would be ideal to add this capability to export to excel/csv on all available tables. This could added as an export button next to the filter.

Customers on Starlink are being flagged as accessing from Mexico. SpaceX's IP address range 129.222.0.0/16 seems to trigger this. It would be nice if Huntress could differentiate Starlink IPs. Right now our only options are to whitelist Mexico or simply ignore these alerts. Instead of whitelisting Mexico, it would be nice if we could whitelist an IP range.

The ability to export or pull reports on the data to show the number of vulnerabilities that have been remediated (as found in the previously seen tab) would be great as a client facing tool. Expansion of customized reporting in general would be great, but this is an example of a specific use case.

The unresponsive link from the status email and the dashboard are wrong after the UI redesign. They link to . huntress.io/account/agents?filters%5Bunresponsive%5D=1 but the new UI wants huntress.io/account/agents?search=&agents_grid%5Bagent_status%5D%5B%5D=unresponsive&load_grid=true

Give Options to "white label" and send from a custom domain/smtp server. The monthly threat reports that MSPs can have emailed to their customers should come from the MSP and be branded as the MSPs report. They are currently totally Huntress branded and are emailed from Huntress.

The date and data filter for Process Events has been removed from the UI. The ability to filter this data is critical, as it is vast and virtually impossible to use without being able to filter by both date and time, and content.