Managed SAT

Currently, Manager Notifications in Managed SAT are a "black box." We can enable them, but we have no way of tracking when—or if—they are actually sent to managers. This creates significant friction when managers claim they were never notified about their staff's incomplete training. We need a transparent view (either via Audit Logs or Reporting) that confirms exactly when an escalation email was triggered and sent to a specific manager. Key Requirement: We need to be able to see a timestamped log entry (e.g., "Escalation sent to [Manager Name] on [Date]") to ensure accountability and provide executives with a transparent view of the reporting flow. Use Case / Scenario: A Department Head claims they never received the escalation emails regarding their team's overdue training. Currently, to verify this, our technicians must leave the Huntress portal, log into the specific client's M365 tenant, and run a Message Trace to find the delivery logs. This makes reporting disjointed and labor-intensive. We shouldn't have to rely on external mail traces to validate the platform's functionality. Having these logs visible directly within the Huntress SAT reporting flow would provide a unified view and allow us to answer these queries in seconds without authenticating into a separate system.

A training on the dangers of lending your work asset to unauthorized users or children would be fantastic. There's been a rise of customers just handing their work computers to their kids so they can play Roblox or Minecraft and they cause all sorts of EDR detections because they don't know how to legitimately download things.

Hi, For users who have completed their recovery training in a rush, I would like to be able to resend the recovery training or have the Recovery Training made available as a selectable episode when you create an assignment please. Thanks,

Hello, we have many clients on on-premises exchange servers and we would like, if possible, an integration of the button to report phishing attempts, as is the case for o365 and Google Workspace.

I would love to be able to offer separate end dates for content in the same assignment. Currently, we can only end the whole assignment on a specific date. We have monthly content that opens at the beginning of the year. They can do it all at once or one content each month. It would be nice to report to their managers if they haven't completed the content for that month, but it won't let me schedule separate end dates in one assignment. The alternative to making separate assignments each month is not ideal.

Would be nice to add simulated phishing involving users being prompted to contact a phone number as abuse of legitimate services to send emails formatted with phone numbers to trick users into contacting illegitimate numbers is increasing.

We request the SAT API expose immutable identifiers (email/name at event time) for events tied to deleted learners so we can attribute historical phishing/training activity outside the UI. Today, the UI shows those rows with a “Deleted” badge, but API responses return relationships.learner.data = null, which prevents programmatic attribution and automated reporting. This blocks our ability to provide 12 months of history for insurance audits; we need either tombstone fields on events or an include_deleted option/endpoint to surface those identifiers via API.

We've been seeing a big uptick in malicious and phishy calendar invites. I think it would be a good idea to have that as an option for a phishing campaign scenario.

Problem: Security analysts and technicians must occasionally interact with live phishing campaign links (detonation/verification), which incidentally records a 'compromise click' against their profile. This skews metric integrity and forces requests for manual resets, which is not currently possible. Solution: Introduce a 'Simulation/Test Mode' that allows designated admins or technical users to click/detonate campaign links without the action being logged as a compromise or affecting overall campaign statistics. This preserves data integrity while facilitating necessary technical review.

Please add a Filter and column Learners page to that shows if the new General Manager View is enabled for a Learner. Thanks,