You can now simulate incidents for EDR and Microsoft 365! This feature lets you experience the Huntress incident response workflow as if a critical-severity incident was occurring in your network or Microsoft 365 tenant. Incident simulation aims to answer the question of "Is this thing on?", but can also be used during tabletop exercises to test security response protocols.

Today we update our ConnectWise, Autotask, Syncro, and HaloPSA integrations! We will now automatically have tickets update when a Remediation Plan is Approved or Rejected within the Huntress Dashboard, the following information will be parsed into the PSA Ticket:

No additional configuration will be required to include this new functionality.

We’re excited to announce an update to the Huntress UI Dashboard with new icons on the lefthand navigation that streamline access to our core product offerings:

When selected, these icons will lead you to the associated service detail pages you have accessed in the past.

Additionally, you'll notice the reporting icon has been moved to the top navigation button for easier access, and the Partner Enablement icon is now accessible through the top right menu.

We are excited to announce that we have updated the Huntress Platform to highlight comments from our SOC Analysts on investigations they have conducted, even for cases that were reviewed and closed without further action. Analyst comments were previously included with our foothold-specific investigations, but were phased out of the UI design when we released the more all-encompassing Signals Investigated feature. We are now reintroducing this information to reinforce the human-centric management and support that Huntress has always provided.

You will now see the investigative comments and the analyst's first name for all signals investigated by the Huntress SOC.

Please note that this change does not affect the signals we have reported to you; it only applies to signals that did not warrant a report being sent, as they were found to be benign.

For more information, please take a look at our Support Doc

Ex-basketball superstar, Ricky the Rocket, knows how to run a sports memorabilia shop, but can Ricky rebound from bad password storage?

Learning Objectives:

Huntress is thrilled to unveil the extension of our Managed EDR, now featuring a solution specially crafted to tackle the distinct issues associated with macOS systems. Our endpoint agent offers enhanced visibility and detection abilities specifically adapted to handle the complexities of macOS threats. This recent enhancement allows Huntress’ customers and partners to experience a high standard of protection for both Windows and macOS operating systems. For more information about how to add Managed EDR for macOS devices please see our Support Documentation or go to the agent download page within the Huntress Dashboard.

Major's Fried Chicken may have the best fried chicken recipe in the world, but what happens when that super secret recipe is fed to a generative AI chatbot?

Learning Objectives

We now support the configuration of a list of IP addresses that isolated endpoints can connect to. This advanced feature enables partners who do incident response regularly to work more efficiently by remotely investigating and remediating isolated hosts using their self-hosted RMM or other tooling. This feature supports static IP addresses only and will not work with cloud RMM or other tools which use dynamic IP addresses for agent connectivity.

See this support article for more information.

If you use Cloud RMM (or other tooling with dynamic IPs) and would like to see us add support for allow listing DNS addresses, please add your support to this feature request.

If you use ScreenConnect and aren't that you have updated to address the latest vulnerability, we strongly recommend against enabling this feature at this time.

We're excited to share that Signals Investigated are now accessible across the entire Huntress Platform. Data source specific detection views and autorun only investigations have been replaced with all encompassing investigated signal views. Signals Investigated clearly associate investigative actions taken by our 24x7 SOC to specific endpoints, Microsoft 365 identities and incident reports where applicable.

Take a look at this Knowledge Base article to understand more.

We are happy to announce an update to our PSA Integrations for ConnectWise, AutoTask, Kaseya BSM, and HaloPSA, this update provides a faster and easier way to map Huntress Organizations to the correct entities within your PSA solution. Please review our new Knowledge Base article on this process improvement.