Integrations

Please add native integration with Microsoft Teams Workflows for Huntress Labs to send EDR and ITDR notifications directly to Teams channels. This would allow IT and security teams to receive real-time alerts within their existing communication platform, improving response times and reducing the need to rely solely on email or the Huntress dashboard—especially when technicians are mobile or onsite. Ideally, the integration should support the same notification format currently used for email and ConnectWise PSA, with options for channel targeting via Teams Web Link. Best Case Scenario: For IT teams that are constantly onsite or in the field, email alerts can be easily overlooked or delayed due to limited inbox access. A Teams integration ensures alerts are delivered as instant, high-visibility messages where technicians are already collaborating—resulting in faster acknowledgment and resolution of critical threats.

Ability to create email integrations at the organization level so incident reports for certain organizations will be sent to them and not the account level emails.

I've heard requests for an integration that would push the number of agents deployed and the threat funnel into Lifecycle Insights for each customer. Is this of interest to you? If we could only get the stats on Systems Protected in right now but got the rest of the stats later in the year - would it be of value to get that data in ASAP? Please vote and comment on what should go in the report.

This update looks to make SIEM easier to operationalize by adding Billing support for PSA integrations and APIs

It would be nice to have an integration with NinjaOne US.

We would like to see a billing integration between Huntress and HaloPSA. Ideally this would push license counts for all Huntress products (EDR, ITDR, SAT, SIEM) to each of our customer records in HaloPSA and allow us to link the invoice quantities with licenses in use.

Autotask Ticket Number is what is seen by internal users and clients in an Autotask ticket or in the portal. The Ticket ID# is ONLY visible in the URL for a ticket and is an internal only reference number. The current API integration puts the Ticket ID# as a comment in the Incident, which is not useful since there is no place to look that up in Autotask. This really should be the Ticket Number.

Currently the Halo integration can create tickets/alerts but we cannot respond or close from Halo, Can this be expanded to a 2-way communication so our agents can work / close items in Halo instead of needing to close the Halo ticket and the huntress ticket separately.

This update will post correct SAT usage into the integrated PSA system for easier and more accurate billing

You now close tickets for incidents, but please can you also close automatically tickets for escalations and unwanted access when resolved.