Provide Alerts or Signals for Galactic Advisor scans
A
Adrian VanderLaan
Would like to see alerts in the portal (or event logs) that Galactic Advisor scans ran. Currently, the tool seems to be completely ignored. This tool is used by thousands of partners as a light pen test for clients. Would be nice if we could show that Huntress saw that the test ran and alerted on it. I realize we don't want to waste SOC time on this, but is there a way it could be an automated alert that by-passes the SOC? When we run the scan for clients it's frustrating to have to acknowledge that Huntress didn't alert on it. The customer ends up seeing in the report that is presented to them that the EDR didn't alert. It's not in Huntress' best interests when reports are shown to clients that say that Huntress didn't alert to the Pen Test.
A
Alex Wilkins
Yes we would love this too. The tool is a scam like RFT, the current program name runs as "DropShip_TESTUUID.exe" so it should be easy to find
J
Joshua Eimer
Would love to see this added! Even if it's just flagged similar to how the "Simulate an incident" is.
S
Sean Maguire
1000% YES! - The 'scammers' are going to tell the clients well your current provider didn't notice us so they are not doing a great job keeping an eye on things!
D
Dustin Bolander
I came here to yell about the tool being a scam, but I love this idea. Rapid fire tools too. So then we can yell at the client about "why are you talking to scammers"
D
Dustin Bolander
Gary Gagnon its a fear based selling tool and they coach you to use it that way.
G
Gary Gagnon
Dustin Bolander Thx for letting me know!