This would be a great value add

We would really like to see this happen.

I would love this; I was going through my managed anti-virus data and found 10k events last week alone and this week trending high; given this data isn't super useful unless you're in the platform it would be great to get an anomaly escalation or SOME form of notification when there's a spike so we can ensure stuff is properly protected/cleaned up.

Would whole heartedly appreciate this feature. Finding problematic behavior in users and helping them correct that is as important as remediating the file itself.

We didn't notice defender was quarantining 100s of files because we assumed as we didnt have alerts all was good... This is a must have for me!

Most Definitely need this. Just would like to know when something is being blocked/Hit.

+1 - We have enabled and are pushing MDE for our clients, with the idea that Huntress will act as the management platform. Right now, we still have to field alert notifications from defender-noreply@microsoft.com

It feels like the hard work has already been too! Viewing the device that MDE generated an Informational alert for today all the data for the incident report is right there, just no PSA ticket!

I can't believe this was requested in 2021 and still isn't built in.

What is huntress actually doing with MDE if not reporting its alerts? I thought that was the whole goal of defender + huntress?

Just got bit by the lack of this. Need some way to at least report on past auto-healed incidents. Arguably we should have a toggle to enable actual tickets and not just historical info.

The official response is "to reduce noise we don't tell you". I'd counter by saying any malware encounter is one too many, even if handled/blocked. At minimum we should council the user and suggest SAT.

Agree!!