User and Organization/Account Management

Org level admin - respond to escalations - my client knows best where their users should be or shouldn't be - I would like them to be able to respond to the escalations - and select the Unauthroised / authorised

We would like to see the addition of FIDO security key support as a multi-factor authentication (MFA) option for logging into the Huntress tenant. As organizations increasingly adopt phishing-resistant authentication methods, FIDO2/WebAuthn has become a critical standard for securing access to sensitive systems. Why this feature matters: FIDO keys provide strong, hardware-based authentication, reducing the risk of credential phishing and account compromise. Many compliance frameworks (e.g., NIST 800-63, CISA Zero Trust guidance) recommend or require phishing-resistant MFA. Offering FIDO key support would align Huntress with modern security best practices and customer expectations. Benefits for Huntress and its customers: Enhanced security posture for administrators and partners. Improved compliance with industry regulations. Seamless integration for organizations already using FIDO keys across their environments. We believe this feature would significantly strengthen the security and usability of the Huntress platform.

It would be great if each organizations Command Center showed all of the Huntress Products (EDR, ITDR, SAT, SIEM) and a quick [active / inactive] indicator. I have Security Engineers that currently do not have a way to tell if an organization has ITDR. The Command Center is the perfect place for this high level overview, and is ALMOST already set up that way.

I would like the ability for organization-level users to receive their own alert emails for self-management. Currently, adding an email to the alert list means they receive alerts for every account, which is not ideal. It would be beneficial to have a feature that allows specific users within an organization to manage their own alerts independently.

I have a client who wants to receive alerts directly as they happen, instead of us receiving them first and then notifying them. It would be beneficial to have a feature that allows org admins to receive notifications directly, bypassing the account admins. This would streamline the alert process and ensure timely communication with the client.

Looking to have the ability to change the point of contact listed on the message users receive when an endpoint is isolated at the org level.

This 60 minute portal timeout is frustrating. Can you get that changed to allow a longer timeout window.

I need a way to group user identities into a separate 'Organization' within our 365 tenant. We have about 40 users who belong to a separate business and require different country login rules. Currently, there is no feature to split up a tenant into groups, which would be very helpful for managing these users more efficiently.

I want to grant a user from the parent account side and delegate their access to only select subaccounts. Currently, there is no way to restrict access to certain subaccounts, including our own internal tenant, which is a concern for us.

As an organization user, I find it inconvenient that I cannot disable tamper protection. It would be beneficial if organization users could have the ability to access and modify tamper protection settings, similar to account level users.