Reporting

Please add functionality to disable monthly or quarterly reports. A setting should present to select which report they need automatically.

Audit logs will become available for both Compliance and Forensics purposes, surfacing key data to track and review user activity.

I think it would be beneficial to have more information included on the agents. This would include having an audit log of recent users who have logged in or just even having a current user logged in column!

Being able to target the specific content you want in a report would be great, similar to modules that can be selected. For instance, being able to pull a report that contained all the Incidents with the included summary notes from the SOC would be very useful as supplemental material to the normal monthly/quarterly ones.

Adding an option on reports to customize date range. Some clients looking for weekly/annual reports.

Multiple endpoints that are part of a single incident will be included in the same report, simplifying our reporting and showing correlation across an infrastructure

Reporting about installed software which is behind on updates/patching and potentially related CVE's.

I'd like to be able to attach the report PDF automatically to the email in addition to the link already included.

I would like to see reporting for common PUP's. There should be an option to review and approve or reject these applications from the dashboard.

It would be beneficial if incident reports included the specific logs entries that triggered the incident. This could save valuable time in responding to incidents and would provide helpful info for reducing false positives. Currently we have to identify the triggering log entry by searching for the corresponding timestamp. Including the actual log info under the 'Signals Investigated' tab within the incident report would be awesome as it would save time and eliminate some of the guesswork.