File-Specific Exclusions for Credential Reports
A
Ashley Bell
We are requesting a feature that allows exclusions at the file path level, rather than only broad exclusions based on file types or categories.
Currently, Huntress allows for credential report exclusions, but they apply broadly rather than at a specific file level.
This causes repeated alerts for files that cannot be renamed or deleted. We propose adding an option to exclude individual file paths rather than entire categories, preventing unnecessary alerts while maintaining security visibility.
Use Case:
Clients often store evidence and case files with sensitive names that cannot be changed.
The current system does not allow for one-time approvals of these files, leading to repeated alerts.
A file-level exclusion option would allow users to acknowledge these alerts while maintaining security integrity.
Impact:
Reduces alert fatigue for security teams.
Allows compliance-sensitive clients to manage their environments without workarounds.
Improves Huntress' usability for industries with strict file-naming conventions.
M
Mike Repenning
We have clients that use secure vaults to access password lists, we also have clients that have documents with password lists with an acceptable risk that we would like to disable alerting for. In a perfect world every password is kept in a vault no matter how mundane and there will be no default credentials but until then we need some flexibility to best cater to our individual client needs.
I do not want to exclude the whole organization from credential alerts because if password lists get stored in a place they should not then we want to get alerting for those. File path exclusion like we have for EDR would be wonderful.
Jordan Networkelites
We also have a client that uses 1pass, and each users machine contains a break glass emergency kit titled 1 pass emergency kit that we would like to create an exclusion for, based on file type (pdf) and naming convention.