Huntress Managed ITDR can now disable and re-enable Active Directory (AD) synced identities (also known as “hybrid” identities) using the Huntress agent on an organization’s AD server. AD servers with a Huntress agent of v0.14.22 and later can utilize this functionality. Huntress analysts can now add identity disablement for these identities as a Containment (ie: automatic) remediation and as an Assisted (ie: partner-initiated from the Huntress incident report) remediation. Huntress partners can also disable these identities directly from the Huntress portal.
Partners will receive a new escalation when an AD synced identity disablement task fails. Identity disablement will not be an option for AD sync’ed identities without a corresponding agent on their AD server.