New standard reports for Phishing & Assignments give you a more granular view of overall performance and allow you to identify learning gaps and trends.

Huntress has released several new APIs including the first set of write APIs!

The first is an Escalation API that allows for listing Escalations and getting the details of a specific escalation, and an API endpoint to enable resolution of the most common escalations. Documentation is available at https://api.huntress.io/docs#tag/escalations

There is also a new API endpoint for Incident Reports that allows for the approval or rejection of remediations, and resolving Incident Reports. See the API documentation for details and sample data.

When creating exclusion settings for Defender Antivirus in the Huntress Portal, you can now add individual endpoints and Organizations to existing exclusions. This simplifies the process and saves time by removing the need to create new, additional exclusions when an endpoint or Organization is onboarded.

The custom content creator now has a new slide type specifically for images that take up the entire slide such as screenshots or exported images from other presentations. The slide maintains aspect ratio and doesn't crop the image when resized. The slide type is available to all users today.

All pages in the Portal now support the dark mode theme. Use the gear icon in the upper right corner of the Portal to switch to your preferred theme.

Huntress Platform Administrators can now set the default language for Threat Summary Reports. Reports can be configured to be in English (the default language), Dutch, French, and Spanish. To change the language, in the Portal click the hamburger menu in the upper left corner, choose Settings and then select the desired language from the drop down in the Brand Settings section. Once the setting is changed, all future Threat Summary Reports for the Account and Organizations will be generated in the selected language.

Hackers are constantly looking for ways to tamper with security tools in order to operate under the radar. Huntress Managed EDR now detects, remediates, and alerts the SOC when attackers abuse Windows Firewall to block communications between the EDR agent and the Huntress Platform, and impair Windows Defender Antivirus. To learn more, please check out this blog and watch this portion of Product Lab where Jonathan Johnson, Principal Product Researcher, goes into more detail.

This new feature for Huntress Managed SAT allows you to grant someone access to a real time report showing assignment and phishing data on all learners in an organization without giving them access to any administrative tools.

To enable this feature, go to the 'Learners' list, drill down into the specific learner you want to designate as general manager, and flip the toggle on "General Manager View". That learner will now see a new "Manager Report" in their learner portal with in-progress assignments and phishing.

Huntress Managed SAT now supports SCIM, an open standard for identity sync, to allow admins to set up learner sync with Entra, Entra in GCC-High environments, Okta, and many more!

Huntress Managed SIEM is please to announce the release of the SentinelOne log source. The KB configuration guide can be found here: https://support.huntress.io/hc/en-us/articles/41838176250259-API-SentinelOne-Audit-Logs