The dashboard page with the phishing over time graph is now in general availability and available to all customers and partners. This page helps admins observe improvement in avoiding simulated compromise over time based on attempt number.

Partners have asked for ways to rename "Huntress Managed Learning - <month> <year>" to something that best reflects their own brand. Now they can! When they go to the Managed Learning Plan page, they can now hit the gear icon and rename future assignments.

We also have a beta feature we can enable to customize the time of day that learning plans launch to best support international audiences in EMEA and ANZ.

All Managed EDR partners can now request SOC Support for critical EDR incidents right from the Huntress Portal. This feature allows partners to communicate via a live chat - or request a callback from the Huntress SOC Support - via a button on the top right of all Managed EDR critical incident reports.

Feature Details:

If you select the callback option, all you need to do is input your phone number, name, email, and a brief description of what you need assistance with - the Huntress SOC Support team will call you directly to address your concerns or questions around the associated critical incident report. Each organization in an account is limited to one phone support request at a time.

We're excited to announce that we've enhanced our security by strengthening the protection of endpoints with Huntress. This improvement prevents easy uninstallation of the Huntress Agent or tampering with any of its components.

Moving forward, uninstalling the Agent can only be done through the Huntress Dashboard or by turning off the Tamper Protection feature in the Dashboard, then uninstalling it locally or via RMM tools.

For detailed instructions on enabling this feature or for more information, please refer to our Support Documentation here.

Bot-Head is looking to build something very special for the Curriculaville Comic-Con, but with a low balance in her bank account, she may have to turn to an AiTM attack to finance her project.

Learning Objectives:

Exciting News! We've streamlined our reporting system to improve how updates are handled. Previously, every change to an incident would trigger a new report, causing an overload of notifications, and cluttering ticketing systems and/or inboxes. This made it harder to track individual incidents, with multiple notifications to sift through.

With this update, reports can now be edited, with any changes to incident details, status, severity, or remediation guidance being reflected in a single report, reducing noise and making incident management much more efficient for our Partners and Customers.

The Huntress Managed SAT team is excited to share that when learners log into their Huntress Managed SAT portal, they will see an entirely new and improved interface which is now GA. Episodes are prioritized based on time left to complete and feature a more colorful, engaging style. The time remaining is clearly visible to help learners focus on completing the right episodes.

Admins can now also opt their companies into leaderboards. This new feature, currently in Open Beta, introduces friendly competition to your SAT program to help motivate learners to complete their assignments on time. Learners are assigned a randomized handle which they can change if they so choose, and can see how their security awareness stacks up against their colleagues. They score the most points by completing episodes within the first week of it being assigned with points decreasing over time after the first week. Learners lose points when they interact with landing pages from phishing scenarios in a way that simulates compromise but can recover some points by completing their phishing defense coaching.

To learn more about leaderboards, the scoring system, and how to opt in, check out this knowledge brief article here.

With this feature being in Open Beta, we are hoping to hear your feedback on what you like or where we can improve. Please feel free to make your voice heard here.

Great news for your quality of life with your Huntress environment: Our PSA integrations now support auto-updating ticket status! After an incident report is closed within the Huntress Dashboard, you can have it automatically update your PSA to keep your tool in sync with Huntress incidents.

To enable this functionality, log into your Huntress Dashboard, navigate to the integrations page, and edit your PSA integration settings.

Imani is taking a much needed vacation, but when someone catches wind of a big deal her company is working on, will she be able to protect the incredibly valuable details while working remotely?

Learning Objectives:

We're excited to announce that Unwanted Access for MDR for Microsoft 365 is now in General Availability! Unwanted Access protects your identities by detecting malicious activity related to logins to your Microsoft tenants. Unwanted Access introduces several new features:

Huntress now detects differences within login events from the same session. Our SOC analyzes these differences and will report on and isolate the identity if warranted.

Huntress now allows partners to configure Expected and Unauthorized rules within the Unwanted Access dashboard. These rules allow partners to tailor their SOC experience and provide context to Huntress analysts investigating potential malicious activity. Expected rules allow partners to specify countries and/or VPNs through which logins are expected to occur. By default, the identity’s usage location (country) from Microsoft will be treated as an Expected country.

Huntress will still evaluate all events for malicious activity, but Expected rules help the SOC filter out anomalies from confirmed malicious activity. Unauthorized rules allow partners to specify countries and/or VPNs through which logins should never occur. Huntress will send an incident report and isolate identities that trigger Unauthorized rules.

Huntress will now generate escalations for unknown login locations and unknown VPNs. These escalations provide partners with the ability to tell Huntress (via rules) if activity is Expected or Unauthorized. Escalations are only indicative of unexpected login activity and should not be considered incident reports.

We are continually iterating and improving upon Unwanted Access. To request specific features and see what is coming, please visit http://feedback.huntress.com/.