J
Jon Sale
Application Control: Organization-Wide and Granular Approved Apps
I would like to see Huntress add more advanced Application Control functionality that allows approved applications to be managed at multiple levels.
## Requested Approval Scope
It would be very useful to approve or deny applications at different scopes, such as:
  • Entire organization
  • Specific site or company
  • Specific group
  • Individual device
This would allow MSPs and IT teams to build a controlled approved-apps list across an organization, while still allowing exceptions where needed.
## Why This Matters
This would help organizations move closer to a true zero-trust application control model. Similar to tools like ThreatLocker, it would allow companies to lock down endpoints so that only known, approved, or trusted applications can run or be installed.
This would be especially valuable for MSPs managing multiple clients, because each organization may have different software requirements.
## Suggested Workflow
When an end user tries to install or run a new application that has not already been learned or approved, Huntress could generate an approval request for designated technicians.
That request could include details such as:
  • Application name
  • Publisher or vendor
  • File path
  • File hash
  • Device name
  • Logged-in user
  • Organization/site
  • Huntress verification or reputation status
  • Whether Huntress sees the application as clean, suspicious, or risky
  • Risk level
  • Number of devices in that organization where the application is already installed
  • Optional Huntress-wide telemetry showing how commonly the application is seen across managed Huntress environments
## Approval Options
Technicians should be able to approve or deny the application from:
  • The Huntress portal
  • SMS/text message
  • Potentially email or mobile app in the future
For example, a text message could be sent to specified technicians with the application details and simple approval options:
  • Reply
    YES
    to approve
  • Reply
    NO
    to deny
## Policy Ideas
It would also be helpful if Huntress supported different policy modes, such as:
  • Audit only / learning mode
  • Alert only
  • Block unknown applications
  • Allow Huntress-verified clean applications
  • Require technician approval for unknown applications
  • Organization-wide approved application list
  • Group-specific approved application list
  • Device-specific exceptions
## Benefit
This would give MSPs and IT teams a practical way to prevent unauthorized or risky software from running while still allowing legitimate business applications to be approved quickly.
It would also reduce the burden of manually reviewing applications across endpoints and would help improve the overall security posture of managed organizations.