Password File Detection End User Report
Patrick Sofo [Security Product Manager]
Merged in a post:
Password File Detection Details Added to Monthly and Quarterly Reports
A
Alex Payne
Is there a way we could get more details to this added to the monthly/quarterly reports that are generated for clients? We want more details beyond just an incident number that includes this in it.
Patrick Sofo [Security Product Manager]
This is great feedback!
We do not have any near term plans (this quarter) to provide an end user friendly report for these findings like our main monthly/quarterly Threat Reports: https://support.huntress.io/hc/en-us/articles/4404012804115-Monthly-and-Quarterly-Threat-Reports.
If the LOW severity incidents become too voluminous there is a way to turn that off and access the non-reported signal data from the Process Insights dashboard and download the file on a per Organization basis for end client sharing. Granted we are aware this is not the most scaleable solution atm.
We will keep this thread updated as we further improve this feature so keep the feedback coming. Another ask we are considering right now is file level exclusions here: https://feedback.huntress.com/feature-requests/p/allow-muting-or-exclusion-of-a-host-from-password-file-alerts
J
John Hall
I agree with this comment - having these incidents in the form of a report for to use in a future discussion with the client to speak to best practices, etc. makes more sense to me than tickets (where there really isn't any necessary tech action).
K
King'la Rogahn'la
We just want the filename and computer it's on, so we can meet with a client POC and point out that it's either A) time to get a password management system in place for the business, or B) actually USE the password management system they already pay for. :)
F
Forrest'la Erdman'la
Should ONLY be on monthly reports.
R
Ryan Sipes
Agreed, including it as an incident has had some clients confused about what incidents occurred in their environment after reviewing the monthly report. It would be great to have these listed separately.