External Recon - Specify company owned IPs and IP blocks
With so many agents checking-in from home networks, it would be nice if we could specify at the organization level IPs or IP blocks in use at company locations. Then on the External Recon page, differentiate those somehow so we can prioritize investigations appropriately without a bunch of extra investigative effort.
IP Blocks for PSA Integration
Instead of leaving our PSA open to the internet to support AWS connections for the platform, can you allow us to restrict access by setting up a proxy with a fixed IP?
It would be nice to have an "undo" remediation button on the off chance that we read an incident report, hit approve, and realize after the fact we should have rejected.
Support for Mac would be nice. The majority of our devices are Windows but we'd like to have coverage everywhere we can.
Support the ability to manage the built-in Windows firewall on endpoints. This would allow for "patching holes" and brings in the potential for a "lockdown" mode when malware hits.
Partner Enablement User Role
I'd like there to be a role where a type of user I set up can only have access to the partner enablement portal.
Enable host isolation
When Huntress or Defender detects alert isolate the machine to prevent lateral movement. Provide the means to remediate with tools.
Phone call for isolated devices
I spoke with an MSP who would like to request a phone call in addition to the ticket/incident report for after hours incidents that have triggered host isolation. Tickets are not monitored at this MSP 24/7 but they do have an on call after hours line.