Wave Browser
in progress
C
Calin Andrews
In the past WaveBrowser was detected as PUP with the option to use assisted remediation for removal. More recently, WaveBrowser is no longer being monitored for. I've been told this was due to the amount of rejections by partners for the WaveBrowser alerts, purporting that WaveBrowser had legitimate use cases for partners and their customers.
Partners need to have the ability to make account-level or organization-level decisions on PUP exceptions rather than having past functionality removed (which our processes may be reliant upon).
If changes like this are made, we need a centralized location to let partners know what changes were made so that we can adjust.
R
Ryan Sipes
Calin Andrews Yep, agreed. It's so odd to see these PUPs ignored when Huntress started with detecting persistent footholds and has gone on and on about how this is one method initial access can begin. It definitely needs to be an account/org/device level setting that can be modified.
B
Brandon Arakaki
It would be even better to be able to label and classify these types of softwares ourselves. A blocklist. I already submitted another request similar, but this seems to be a great use case.
E
Ed Murphy [Product Manager - Huntress]
in progress
Going forward Huntress will be categorizing Wave as a PUP. Our portal does support exceptions for organizations that do not wish to have this reported as an Incident Report
C
Casey Rand
Ed Murphy [Product Manager - Huntress]: This makes me way happier than it should. Thank you!
A
Alonso'la Adams'la
Ed Murphy [Product Manager - Huntress]: This is awesome - thanks for responding so fast
D
Dusty'la Auer'la
Until they change this - I had to get one off remediation reports for all affected endpoints with Wave Browser a few weeks ago.
A
Andy Larin
I agree, we also ran into this.
E
Ed Murphy [Product Manager - Huntress]
under review
We are looking into adjusting how Huntress handles Wave browser moving forward