Using the trial for another security service provider, we were alerted to the existence of a long-standing inbox rule that forwarded emails to an external domain. We've been using Huntress for a year at this point and had not seen any alerts about this rule from Huntress. The other service cited this rule as a vulnerability as it is "a common method used by attackers for data extraction."

It would be helpful if Huntress conducted an initial vulnerability scan for security vulnerabilities like this when onboarding, as knowing about this right off the bat would when we onboarded Huntress would have been helpful. Another possibility would be to peroidically perform a scan that we could then use to make exceptions or perform actions, like disabling a specific account, when vulnerabilities like these pop up.