Detection of remote access software
M
Michael Gibby
The new Huntress detection of Connectwise has been fantastic, we caught some previous IT companies software on our recently acquired clients workstations.
It would be amazing if huntress continued this detection and expanded it to detecting other remote access software such as splashtop, teamviewer, anydesk, etc..
C
Chris Ba
This would be great. Just like the ITDR (un)Expected Countries/VPN, adding to the EDR a list of (un)Expected RMM / Remote Admin tools would be helpful.
Matthiew Morin (Huntress)
Merged in a post:
Report on additional remote access software.
G
Gary Melvin
Rather than just the Screenconnect on the command center dashboard. Could this be changed to all remote access software on devices. Maybe with the common ones like Anydesk etc. to start.
Autopilot
Merged in a post:
Additional Dashboard views besides Screen Connect
C
Christopher Culligan
Adding support for additional RDP software alongside Screen Connect on the main dashboard and in reporting would be very helpful, especially given the variety of RDP tools available. It would also be beneficial to have the option to show or hide these tools as needed in a setting.
H
Heten Mistry
With the ability to exclude our RMM agent, but report all other eg. Teamviewer, AnyDesk etc
J
Joel DeTeves
Please add.
S
Sean Nation
This would be a great addition, it is popping up more and more
R
Rachael Smith
Merged in a post:
RMM and Remote Access detection options
C
Charlie Klemm
Creating an option to detect activity from known RMM's and remote access tools would be helpful. For example, it would be cool to have a list of known tools you could opt in to be notified about. They would need to be an option to whitelist valid hostnames (like whitelisting your RMM instance hostname). Once opted in, you would get alerts on endpoint activity detected. Last, being able to exclude or whitelist on a client level would allow us to indicate if a client DOES actually use one of these tools and we don't need to be alerted about it.
***I worry this is a duplicate but I couldn't find anything
M
Milena Khlabystova
we'd like to go even a step further and have Huntress fire an escalation when a remote access tool is detected in the environment that has not been whitelisted by the partner.
T
Tyler Wright
I agree. It would be nice to have some kind of alert or dashboard that shows other software, like Splashtop, LogMeIn, AnyDesk, etc.
D
Dee Lowndes
Couldn’t agree more I’d actually like to be able to specify what we have as approved rmm tools and the connected server and then be alerted or block to anything outside of this appearing on our devices. Recently we have seen phishing emails from legit emails and suppliers that have had an account compromised asking staff to install legitimate rmm software that the hackers control.
Load More
→