Detection of remote access software
M
Michael Gibby
The new Huntress detection of Connectwise has been fantastic, we caught some previous IT companies software on our recently acquired clients workstations.
It would be amazing if huntress continued this detection and expanded it to detecting other remote access software such as splashtop, teamviewer, anydesk, etc..
R
Rachael Smith
Merged in a post:
RMM and Remote Access detection options
C
Charlie Klemm
Creating an option to detect activity from known RMM's and remote access tools would be helpful. For example, it would be cool to have a list of known tools you could opt in to be notified about. They would need to be an option to whitelist valid hostnames (like whitelisting your RMM instance hostname). Once opted in, you would get alerts on endpoint activity detected. Last, being able to exclude or whitelist on a client level would allow us to indicate if a client DOES actually use one of these tools and we don't need to be alerted about it.
***I worry this is a duplicate but I couldn't find anything
D
Dee Lowndes
Couldn’t agree more I’d actually like to be able to specify what we have as approved rmm tools and the connected server and then be alerted or block to anything outside of this appearing on our devices. Recently we have seen phishing emails from legit emails and suppliers that have had an account compromised asking staff to install legitimate rmm software that the hackers control.
M
Matthew Coombe
This appear to be a duplicate of the item below
M
Michael Gibby
Matthew Coombe this url just links back to this thread?
M
Martin Twerski
Michael Gibby try this one?: https://feedback.huntress.com/feature-requests/p/rmm-and-remote-access-detection-options