Reporting & Dashboards

We currently have all of our organization’s monthly reports email to us first and we combine them with other reports before sending them to our clients. It would be very helpful to have an option to download all client individual reports at once instead of individually. If that could not be done, another feature that would make a big difference is the ability to schedule when reports are sent rather than having them all arrive at the same time. Right now with all of them being sent at once, it creates quite a bottleneck. Being able to stagger or time out the delivery would make the process much smoother.

This update will allow for Customers and Partners to see the full timeline of adversary actions taken, detection triggered, and investigative and remediation actions taken by Huntress SOC analysts, in a chronological timeline view

Including Company name in escalation/incident report subjects, or better yet the ability to send emails to specific addresses per Tenant. We have multiple clients who wish to receive incidents in real-time from us.

For unresponsive devices in Huntress, at the moment we’re opening tickets in our PSA to determine the current status of the device(s). To help us track this, we add the ticket number as a Tag in the Huntress Command Centre. This ensures we don’t end up asking the customer multiple times about the same device. We’d like the ability to display the Tag column when viewing the following pages at our account level: All Agents - https://company.huntress.io/account/agents Unresponsive Agents - https://company.huntress.io/account/agents?filters%5Bunresponsive%5D=1 This would make it easier for us to see when we’ve followed up on an unresponsive device, and also allow us to add tags in bulk without needing to leave this view and go into each individual organisation’s page.

Multiple endpoints that are part of a single incident will be included in the same report, simplifying our reporting and showing correlation across an infrastructure

This update will allow for the remediation of all compromised Endpoints and Identities that relate to one incident, showing all the effected components within the same report

This will update the emails that the Huntress Portal sends out to be more informative, with a better overall look and feel, aligning to Huntress as a company

Starting with Ransomware detections, correlate signals between different Huntress products to uncover suspicious activity, tying compromised identities and endpoints together.

I would like the ability to set Incident alerts to be sent to a shared mailbox instead of just one specific person. This would help ensure that multiple team members are notified and can respond promptly, improving our incident management process.

Right now we just have the option to pull a report that tells us there was an incident. Would like to see the ability to pull a report that has detail on that incident to provide to clients.