Reporting

Audit logs will become available for both Compliance and Forensics purposes, surfacing key data to track and review user activity.

Escalation does not include critical information such as the user account affected, when seen, IP address. Manually having someone go into the portal to view the information slows everything down.

Hi, In the Monthly Security Awareness Training Report, the "Email All Learners with incomplete episodes" - link, puts commas between the populated email addresses after the link injects the email addresses into a composed email. Basically, Outlook won't send it to all of the email recipients without the user manually taking the comma out of the email addresses -- this inconveniences the user. It seems the code in the link should look something like this: mailto:? bcc=email@email.com ; email2@email.com ; email3@email.com The user might still have to click on each email to make Outlook understand that you want to send to multiple email addresses -- not sure how to code that. Best regards, Mark Tetuan

There have been a few situations where an employee is marked as having been compromised when they are not, due to some arcane technical issue with forwarding. Our otherwise pristine records are broken by these false positives. We would like to be able to manually mark a compromise in a training campaign as a false positive.

Give Options to "white label" and send from a custom domain/smtp server. The monthly threat reports that MSPs can have emailed to their customers should come from the MSP and be branded as the MSPs report. They are currently totally Huntress branded and are emailed from Huntress.

Adding an option on reports to customize date range. Some clients looking for weekly/annual reports.

Would be nice to have a monthly report on the ITDR status of an organization. THis could include signals investigated, risky sign ins, mfa status and anything else that would be applicable for ITDR

-External Recon data reporting/alerting through email or PSA. -Ability to define IPs to track per organization. -Customize IP labeling, ability to add notes to ports (explanation on why it's left open)

We would like to show all of our clients the threat reports that we see throughout our organizations, but currently the reports show users information, we would like to have the option to have that information redacted for a more general use.

I'm not sure if I'm on the right board here, but currently the text message says: This is Huntress Labs Incorporated. A cyber incident has been detected in the Company XYZ Organization. Log in to the Huntress Platform for more information. I am proposing to add the module that that the detection came from. For example, if it came from the ITDR module, then it would say something like... This is Huntress Labs Incorporated. An ITDR cyber incident has been detected in the Company XYZ Organization. Log in to the Huntress Platform for more information. Its a small change but I think it would be helpful to know right away if its likely an email compromise or a computer compromise. Thanks! Charlie