Managed EDR

Add the capability to have the Service and Display Name of the huntress agent list our Company name and maybe even display in Add Remove Programs. If our customers are working on their systems I want them to know the application is part of our tool/product suite.

Is it possible to see the username of who is logged to the host when looking at the Agent list as well seeing it in the details when you click on an Agent. It currently shows the Active Directory domain name so I assume it would be easy to pull the current logged in user.

Depends on: https://feedback.huntress.com/feature-requests/p/unique-keys-per-organization We have yet to deploy Huntress outside of labs because our client sites require the ability to add devices themselves (co-managed). We explored creating custom tooling for this, but we haven't had the time to do so. We would like the ability for organization level Admins to download the installer and use their own unique organization key to register the device (ideally, up to a set maximum per org). This would also be the dividing line between organization level security engineers and administrators (as one doesn't currently exist, as the existence of the role is being reevaluated).

Using a premade msi would make easier deployments for remote workers and prevent our keys from exposure.

Send alerts to email/PSA when a new Agent is installed and when an Agent is uninstalled.

It would be great to being able to manage the Agent version and perform roll-back from within the portal itself. Like some other vendors offer. That you can update clients based on organization level or groups - specially if Auto provisioning is in place

The ability to selectively disable your agent or enable a "troubleshooting mode" for a set period of time (4 hours, like Defender troubleshooting mode?) would be very helpful if we were to run into an issue that we had to disable huntress and defender to troubleshoot. Current method is to uninstall/reinstall the agent. This is not ideal either, as the workflows we have in place will automatically re-install it during check-in, which could occur at any point during troubleshooting.

We get requests from clients decommissioning machines out of client use but the agent is still online. We would like to be able to remove the agent in an automated process along with our other agents from the decommissioned machines. Uninstall the Huntress agent without the need to login to the Web UI. If not a way to override tamper protection, then maybe an API call to be made to call the huntress uninstall Process from the web through an API call.

The Installer Download link contains the account secret key, but it appears to download the generic installer that prompts the user to enter the Account Key and Organization Key anyway. Would it be possible to embed these details within the installer using the unique download link?

When a bad actor gets into a network, they easily escalate their privileges and can remove Huntress. I don't see why this has not been implemented yet. -Prevent uninstalling the agent from a pc. -Lock the installation requiring a token from the dashboard for offline installs