With numerous attacks occurring from end users clicking on links, would it be possible for Huntress to periodically extract what websites users have gone to on their computers? This could be displayed under the computer in the Huntress portal or even a separate section? I’ve seen a few freeware tools which allows this information to be extracted across user profiles. This could be extended to allow for some form of backend automated URL checking/scanning which could generate alerts if sites with dodgy characteristics or known bad reputation are visited. End result, if a user is breached we can see a recent history of sites visited and it can help in the reporting process.

This could even be further enhanced to allow partners to report phishing links etc to a central Huntress location which could then in turn notify the threat hunters and allow updates on site reputation.

Could possibly be argued that privacy is a thing, but that is a discussion the partner can have with the customer and ensure their IT use policies are adequate.