Boards

Managed EDR

Managed ITDR

Managed SAT

Managed SIEM

Managed ESPM

Managed ISPM

Integrations, Webhooks, APIs

Account, Org, and User Management

Reporting & Dashboards

SIEM Query Catalog

Powered by Canny

Managed ITDR

MDR for Microsoft 365

Admin Accounts not being revoked with Huntress VPN violation rule and other rules

Request raised with support originally - (225743) When a rule is in place to revoke sessions or block sign in for MS Tenant, if the affected account has privileged admin rights (i.e. Global Admin Account), it does not revoke the sessions. Additionally, if the integrated account between Huntress and MS is a GA account, it cannot revoke its own permissions. Privileged admin accounts are the highest risk if breached, will we see a plan on the roadmap to have these accounts blocked and sessions revoked if applicable to the Huntress rules set?

ITDR authoritative domain exclusion for a shared M365 tenant.

Have a m365 ITDR client that has 8 authoritative domains and we manage 6 of the 8.

"Login without Usage Location" does not include the organization name in the email notification

While other escalation and incidents include the organization name somewhere in the body of the email notification, it is not included in the specific escalation "Login without Usage Location".

Powered by Canny