Tamper Protection MAV
Hi team, would love the ability to control tamper protection for MAV via Huntress. We have a few clients that use it and it can get turned off for a variety of reasons and would love to have that control in a policy.
Password File Detection End User Report
Would like to see an end user facing report similar to the monthly client report that could be sent directly to an end user with details on the password file(s) that were found and then info on what they should do and why it's best to not have this stuff saved like they do.
API Integration with Slack for kicking off assisted remediation
Can you guys update your API so that we can get tickets into slack and perform remediation through slack?
You don't currently detect the very common browser hijacker and adware known as OneLauch. I contacted support and was told you don't plan on doing so as it doesn't currently do anything more severe like provide remote access or execute commands. However, it installs itself through deceptive means through scareware advertisements. It makes itself very hard to remove and recreates links to itself when deleted. It serves up further scareware ads that other firms have said are linked to account compromises. It spreads through shared environments such as RDS servers and causes serious functionality issues. It also is detected by competing EDR solutions such as Crowdstrike. I implore you to reconsider and start detecting it. Thank you!
Customers like the feature but form a MSP stand point with all the new password alerts coming in they are becoming WHITE NOISE. Yes you can filter the alerts but the LOW - Incident alerts that need actual remediation are flooded into the all the Password alerts that are LOW - Incident. Would like a way to somehow have the password alerts separated from the actual alerts that need remediation.
allow muting or exclusion of a host from password file alerts
If a client/customer wishes to keep a file on their machine that has the name "passwords" on it that's up to them. We should be able to mark somewhere that we've followed up about that file and would like to mute or white-list or exclude future alerts about it. I can't imagine having hundreds or thousands of machines what kind of noise this would be creating weekly.
would like to be able to report on all users at the site level and more importantly at the tenant level
MSP breakdown of API Access
We have many Organizations in our Account. For some of those organizations we need to be able to use an API token to integrate with that Organizations SIEM where they have one, or they use a 3rd party that has one. I need a way to create an API key that has RBAC (read only access in this case) and has it to only a single organization.