Huntress logs alerts to ScreenConnect instances.

Huntress has the capability to isolate a computer when a severe threat is detected.

Rogue ScreenConnect active sessions are a severe threat.

We can tell you for sure they are a severe threat by allow listing the one and only host our clients are allowed to connect.

Ergo, Huntress should auto-isolate a host when it connects to a known rogue ScreenConnect instance, and you don't have to worry about false positives because we have already told it exactly what it should do.

I have said this to every Huntress rep and they all seem puzzled. I don't understand why, all the pieces are already there. This would be a huge bonus for all of us and it seems trivial to implement.

Please consider fast tracking this.