File-Specific Exclusions for Credential Reports
A
Ashley Bell
We are requesting a feature that allows exclusions at the file path level, rather than only broad exclusions based on file types or categories.
Currently, Huntress allows for credential report exclusions, but they apply broadly rather than at a specific file level.
This causes repeated alerts for files that cannot be renamed or deleted. We propose adding an option to exclude individual file paths rather than entire categories, preventing unnecessary alerts while maintaining security visibility.
Use Case:
Clients often store evidence and case files with sensitive names that cannot be changed.
The current system does not allow for one-time approvals of these files, leading to repeated alerts.
A file-level exclusion option would allow users to acknowledge these alerts while maintaining security integrity.
Impact:
Reduces alert fatigue for security teams.
Allows compliance-sensitive clients to manage their environments without workarounds.
Improves Huntress' usability for industries with strict file-naming conventions.
B
Brendan Price
Second to what Jordan said, 1password also sends out a monthly 1password usage and overall security report as a PDF to the admin users and this one also triggers alerts if any of them open it.
Matthiew Morin (Huntress)
Merged in a post:
Exclude specific filenames reg. stored passwords
J
Jaap Engel
Case:
Exclude specific filenames regarding the stored passwords scan. Not all files with 'password' in the path- or filename hold actual credentials.
Example:
Some of our customers are working with 1Password. Every time documention on how to use 1Password or how to implement SSO is opened, we get an Alert because the filename "1Password SSO Configuration" has 'password' in the title.
Solution:
Please make it possible to exclude certain specific filenames or pathnames from the automated stored credential scan so we can filter out that particular filename over 1 tenant or account-wide.
Matthiew Morin (Huntress)
Merged in a post:
Exclude specific folders from password detection alerts
T
Tim Kaiser
I would like the ability to exclude a specific folder from password detection alerts. This folder contains credentials for new residents, which are not critical. Having this feature would help us manage alerts more effectively without unnecessary notifications.
Matthiew Morin (Huntress)
Merged in a post:
Exclude specific file types from generating alerts
J
Jeff Custer
I would like the ability to exclude specific file types, such as .PDF, .DOCX, and .XLSX files with '1Password' in the name, from generating false alerts in Huntress. This functionality would help prevent unnecessary alerts and streamline our alert management process.
B
Brendan Price
I'd also like this - I have one customer with 200+ users that regularly gets PDF forms from a government agency with the title "Request for a password for such and such.pdf" and has a related document they send out sometimes "How to apply for a password for such and such.pdf" - it would be great to be able to supress these alerts.
Thanks.
N
Nathan
I agree here. Huntress makes it sounds like there's some complex process going into flagging these files, but in reality it appears to be simply looking for the word "password" in the file name. This problem is growing for us, especially as we have co-managed education clients are constantly managing legit files with the word password in them. 1Password pdf invoice, education department training docs for new users, held desk files, etc. It's really reducing the efficacy of this alerting. Renaming them all isn't a practical solution.
Autopilot
Merged in a post:
False alarms with password file detection
D
Daniel Angell
Currently things like "Password reset guide.pdf" get triggered for password files, you can imagine what happens if a large enterprise all get emailed this file and it triggers an alert :) Some tailoring to keywords?
Autopilot
Merged in a post:
Create Exclusion for Potential Unsecured Credentials in Files Signals
W
Will Deris
Would it be possible to include an option to exclude a file/folder Potential Unsecured Credentials in Files on a device as we would not necessarily want to exclude an entire device from these reports.
M
Mike Repenning
Spent an hour this week clearing authorized credentials. It would be great if this functionality could be put in place so we aren't wasting time on repeat tickets. Thanks Huntress, love everything else but this one is a thorn in my side.
M
Mike Repenning
We have clients that use secure vaults to access password lists, we also have clients that have documents with password lists with an acceptable risk that we would like to disable alerting for. In a perfect world every password is kept in a vault no matter how mundane and there will be no default credentials but until then we need some flexibility to best cater to our individual client needs.
I do not want to exclude the whole organization from credential alerts because if password lists get stored in a place they should not then we want to get alerting for those. File path exclusion like we have for EDR would be wonderful.
Load More
→