Changelog
Follow up on the latest improvements and updates.
RSS
Huntress Managed SAT now supports SCIM, an open standard for identity sync, to allow admins to set up learner sync with Entra, Entra in GCC-High environments, Okta, and many more!
Huntress Managed SIEM is please to announce the release of the SentinelOne log source. The KB configuration guide can be found here: https://support.huntress.io/hc/en-us/articles/41838176250259-API-SentinelOne-Audit-Logs
The Huntress Platform is making it easier to manage API keys. The Platform now supports user-specific API keys, assignable by Account Admins. So now an Account can have multiple API keys. The keys are associated with a specific user and mirror that user’s permissions. Don’t worry though, Accounts can continue to use existing API keys or you can use a combination of user-assigned keys and the Account key. In the future, new API capabilities, such as write access, will only be supported on these new user-specific keys.
The Huntress Portal has an updated navigation bar that includes a new Organization selection menu. This menu offers search functionality, and will make finding and selecting an Organization much easier especially for Partners with a large number of orgs under an Account.
Huntress has introduced improvements to Incident Reports to provide more visibility of all incident activity history. Reports now give you the complete history of any updates provided by the SOC. Now when a Report is updated the latest details will be at the top and previous updates will be shown below. There is also a "View Changes" button that will highlight the changes in each update.
The API Documentation Page has a number of new features that will make it easier and faster to get answers to your API questions and use the Platform API. Some of these features include:
- Simplified navigation and easy access to the OpenAPI doc via the top of the main page – https://api.huntress.io/docs
- The ability to generate sample API commands in many new languages including PowerShell
- Dark mode is now an option!
To ensure partners and customers always know who their Huntress contact is, and can easily reach out to them, the CAM name and contact information is now available in the Platform on the following pages:
- Within the self-serve "Contact Sales" workflow
- Billing & Invoices page
- Trial Manager
In order to provide more visibility of SOC actions being taken to contain a threat, preliminary Incident Reports are now being sent by the SOC when a host or identity is manually isolated.
The preliminary Incident Report informs partners and customers that the SOC is investigating an incident and took action to contain a threat, that the investigation is ongoing, and to expect a follow-up Incident Report. We are making this change so we can quickly contain a threat and provide context to partners and customers while minimizing the risk of an attack spreading as the SOC are actively investigating.
Users can now see error messages returned by an integrated PSA ticketing system in the Huntress Portal, as well as initiate a resend of any failed tickets.
We've updated the architecture back-end of SAT with two major changes:
- We now use learners' immutable IDs in their various directory systems rather than email address as primary ID. This allows for updates to email addresses in cases where someone changes their email address (such as in marital status changes.)
- We now support alternate email addresses on directory sync. This allows someone to report phishing from an alias associated with their account.
Load More
→