If an account is seen to not have 2FA, an automatic mitigation should disable the account.

Huntress would need to extend the Microsoft license types supported for this. As of now, P1 and P2 licenses are required to see the status of 2FA across users, but E and A type licenses should be acceptable too.