Boards

Managed EDR

Integrations

Security Awareness Training

ITDR (MDR for Microsoft 365)

Reporting

macOS

UI/UX

MAV (Managed AV - Microsoft Defender)

Ransomware Canaries

Managed SIEM

API

SOC/Incident/Investigations/Escalations

Account/Organization/User Management

Powered by Canny

SOC/Incident/Investigations/Escalations

Incident Notification Contact - Brazil

Request to add Brazil (+55) to the available countries in the Incident Notification Contacts

Escalation Wrong Unexpected Country?

Escalation 206097 wrongly identified user location as Jamaica when the user was in Antigua/Barbuda. Entra sign-in logs reported correctly that the user was in Saint John's, Saint John, AG. The reason this is being reported is that O365 conditional access policy has both Antigua/Barbuda and Jamaica and for security I don't want to open both. ----------- Microsoft 365 Login - Unexpected Country - Jamaica ----------- Entra: 5/5/2025, 7:54:15 AM, 142af46b-61d1-4557-b73e-4e9798ca4800 Outlook Mobile, Failure, 53003 66.249.146.210 Saint John's, Saint John, AG Failure, Not Agentic, Multifactor authentication

Correlation Between Huntress Products

Starting with Ransomware detections, correlate signals between different Huntress products to uncover suspicious activity, tying compromised identities and endpoints together.

this quarter

Investigative timeline added to Incidents

This update will allow for Customers and Partners to see the full timeline of adversary actions taken, detection triggered, and investigative and remediation actions taken by Huntress SOC analysts, in a chronological timeline view

future planned

SMS / Phone Call Alerts - Provide Scheduling Options

Having all alerts go to a single phone number 24/7 is not really a practical solution. Ideally, we would want to enable alerts for critical incidents to go to our on-call out of hours number during a set time period and at weekends, otherwise incidents might not be picked up until business hours.

Export CSV of Incidents

Is there any plan to implement a feature to be able to export 'Incidents' to a CSV? This feature would be greatly appreciated.

Streamlining Incident Reporting for Multi-product detections

This update will allow for the remediation of all compromised Endpoints and Identities that relate to one incident, showing all the effected components within the same report

future planned

Standardized and Improved Escalations

This update will give Customers and Partners the ability to configure the details of where, when and who an Escalation will be sent to and reduce frequency of notifications

future planned

Ability to exclude accounts from triggering Escalations or even Turning the Escalation to not alert

We have Just In Time accounts that seem to keep triggering the Escalation "Login without usage location" every time the account logs in, we would like to not be alerted on this for our JIT accounts, it creates a lot of noise within the dashboard.

Provide a way for us to talk to the SOC via messaging

It would be helpful to communicate with the SOC following an escalation through a chat feature.

Load More

→

Powered by Canny