Managed SAT

Similar to custom assignments, it would be helpful to be able to send out enrollment/content reminder emails to an indivdual learner at the company/client level. Currently, the plaform only allows you to send to all learners.

Add in feature for the ability to export the reports under the "Standard Reports" section of the SAT dashboard.

Add a column to the "learner assignment" report that records how many "attempts" a user took to "pass" the SAT module - this ask is to help admins sort out who is engaged with the training and who is just taking multiple attempts until they pass. Partners/Customers want the ability to see this information to engage with end-users that they suspect are not truly going through the training to learn.

The monthly summary report doesn't provide in depth visibility into "how end users are doing on their assigned trainings?". For some orgs they want to review the scoring that end users are receiving and the ability to view it over time across multiple campaigns in one aggregated report.

Threat Simulations appear in the leaderboard point totals, but there is no way to see the underlying activity. In the individual learner view, phishing and assignment activity are both visible, but Threat Simulation activity is absent entirely. Requested: surface Threat Simulation activity per learner showing which simulation was completed, when it was completed, and how many points were awarded.

Requesting SAT that involves QR Codes (Quishing Attacks). It would be nice to see if anyone scans the QR code as a counted click. Edited by Huntress staff: Create a poster asset that addresses QR Code phishing.

We have an interest in any potential Teams to Teams vishing tests to supplement phishing email tests. Executive Summary This feature request proposes the addition of Teams-to-Teams voice call simulation capability to the phishing simulation platform, enabling security teams to test user susceptibility to vishing (voice phishing) attacks originating from within the Microsoft Teams environment. The core capability requested is the ability to configure simulated inbound Teams calls with spoofed or custom display names — such as "Support," "IT Support," and "IT Help" — that mirror the social engineering tactics used by real-world threat actors targeting enterprise environments. Problem Statement Current phishing simulation platforms cover email-based attack vectors comprehensively, but a significant and growing attack surface remains untested: voice calls delivered through Microsoft Teams. Adversaries increasingly abuse Teams' federated calling and guest access features to impersonate internal IT and support personnel, leveraging trusted display names to manipulate employees into disclosing credentials, approving MFA prompts, or providing remote access. The following gaps exist in current simulation tooling: • No capability to simulate inbound Teams calls to end users • No mechanism to test user response to display names impersonating IT/helpdesk identities • No training trigger (teachable moment) delivered in-channel post-call • Vishing risk is entirely absent from current security awareness metrics and reporting dashboards Proposed Feature Description 3.1 Core Capability Introduce a new simulation module within the platform that enables administrators to configure and launch Teams-to-Teams call campaigns. The simulation engine should place calls to targeted users through the Microsoft Teams client using configurable caller identity display names. 3.2 Caller Display Name Configuration Administrators must be able to define one or more display names for the simulated caller. Requested display names include at minimum: • Support • IT Support • IT Help • Help Desk • Security Team • Microsoft Support Display name assignment should support randomization across a defined list, enabling varied and realistic simulation campaigns. The platform should allow administrators to add custom display names beyond the built-in library. 3.3 Call Interaction & Scenario Engine Each simulated call should support a configurable scenario script or audio prompt tree, presenting the target user with a plausible social engineering pretext. Recommended default scenarios include: • "We've detected unusual sign-in activity on your account. Can you confirm your identity?" • "This is IT Support — we need to verify your credentials due to a system migration." • "Please approve the MFA prompt we just sent to resolve your account lockout." The system should record or log whether the user: answered the call, stayed on the line past a defined threshold, verbally provided information (if voice capture is available), or hung up immediately. 3.4 Teachable Moment — Post-Call Training Immediately following a simulation call (whether the user "failed" or not), an automated follow-up should be delivered via Teams chat from the simulation platform bot, providing contextual awareness training explaining the vishing tactic used and guidance on how to verify legitimate IT contact. Sample Simulation Scenarios See attached image The following is a resource published by Microsoft on this attack vector: https://www.microsoft.com/en-us/security/blog/2025/10/07/disrupting-threats-targeting-microsoft-teams/

We have had requests from our customers for Huntress SAT to have the option to bundle training reminders together into one email if user is behind with training rather than separate emails for each Assignment they have outstanding.

Be able to print custom episodes to PDF for helpdesk use

At this time, we currently already have the ability to send assignment reminders on an organization basis, and not for specific learners. I would like the ability to stop specific users from receiving the reminders, along with being able to manually send specific users reminders.