Account, Org, and User Management

It would be useful to get alerts when changes are made to administrator accounts or administrator roles are assigned. Specific examples: -Any administrator account password changes or is reset -Any administrator account authentication method changes or resets -Any administrator account has sign-in blocked or existing block is removed -Any administrator role added to or removed from an account -Emergency administrator (break-glass) signs in or failed sign-in -Conditional access policy changes that apply to administrator accounts

Org level admin - respond to escalations - my client knows best where their users should be or shouldn't be - I would like them to be able to respond to the escalations - and select the Unauthroised / authorised

I would like the ability for organization-level users to receive their own alert emails for self-management. Currently, adding an email to the alert list means they receive alerts for every account, which is not ideal. It would be beneficial to have a feature that allows specific users within an organization to manage their own alerts independently.

Please for the love of all things improve the organization dropdown in the menus. It is nice having all organizations listed, but it is unruly when we have so many organizations. In the new UI preview it is a little cleaner, but still overwhelming. I'm also baffled by the fact that the new UI preview doesn't have the organizations organized alphabetically in this list. What would be nice to see is a smaller dropdown that lists recently access organizations, or organizations with recent threats, then include a search box at the top so we can actually quickly jump to any organization without having to scan through the list. If you do decide to keep the full list, restrict it to a single column and allow scrolling, again with a search bar at the top. If for some reason you do keep the multi-column view - please sort each column first A-Z top-down, before moving to the next column.

Huntress doesn't currently have any way, that I am aware of, to track login events for users in the Huntress portal itself. While unlikely it would still be very nice to have a way to either track it or receive alerts based on it.

We would like to give certain customer user accounts the ability to respond to incidents and escalations at a sub-account or organization level. Currently, admins can only view but cannot respond. This feature would be beneficial for our customers who have their own internal IT teams capable of handling incident responses.

We would like to see the addition of FIDO security key support as a multi-factor authentication (MFA) option for logging into the Huntress tenant. As organizations increasingly adopt phishing-resistant authentication methods, FIDO2/WebAuthn has become a critical standard for securing access to sensitive systems. Why this feature matters: FIDO keys provide strong, hardware-based authentication, reducing the risk of credential phishing and account compromise. Many compliance frameworks (e.g., NIST 800-63, CISA Zero Trust guidance) recommend or require phishing-resistant MFA. Offering FIDO key support would align Huntress with modern security best practices and customer expectations. Benefits for Huntress and its customers: Enhanced security posture for administrators and partners. Improved compliance with industry regulations. Seamless integration for organizations already using FIDO keys across their environments. We believe this feature would significantly strengthen the security and usability of the Huntress platform.

Accessing Huntress Hub. I received 2 issues. One was in the terms and conditions when first logging in and the other was through the Huntress Hub accessing the tutorial for MAV, Ransomware and Recon. I have attached screenshots of both.

I have a client who wants to receive alerts directly as they happen, instead of us receiving them first and then notifying them. It would be beneficial to have a feature that allows org admins to receive notifications directly, bypassing the account admins. This would streamline the alert process and ensure timely communication with the client.

Some customers want to monitor their own organizations. Allow the creation of a user that can only access certain organizations. Alternatively, a tech can have access to certain organizations.