Monthly/Quarterly Threat Reports
The Huntress reports are provided to give you a high-level overview of what Huntress has done this month/quarter.
In this article
- Changes Analyzed: number of autorun changes across all hosts within the organization that Huntress saw. Autoruns are programs configured to run at system boot or login. These change as applications are added/removed/updated.
Potential Threat Indicators: all of the potential threats that Huntress ThreatOps Analysts reviewed manually. This includes all autoruns that Huntress had not seen before, Ransomware Canaries triggered, and high severity Managed AV (MAV) detections.
- In-Depth Investigations: number of investigations completed. Investigations are opened when automated analysis determines a potential threat needs to be reviewed by an analyst. Investigations are also opened if an analyst determines a threat looks suspicious when reviewing new autoruns or MAV detections.
Incidents Reported: number of incident reports sent. (Incident reports consist of one or more malicious autoruns, a tripped Ransomware canary, or a MAV detection.)
You have the option to get a report for your account and an individual report for each of your organizations.
To access the reports:
- Click the account/organization drop down
- Select your account or the organization you want a report for
- Click the reports view
From the reports view, you can select the report you want to view or generate a preview for the current quarter/month.
Automatically Sending Reports
You have the option to automatically send reports to specified users.
Cobranding Reports/Adding your logo
Huntress gives you the ability to add your own logo to Huntress Reports.
Following the steps for Cobranding Marketing Material and your logo will be reflected on reports as well.