.png){kind=logo}
FAQ
- How do I add, rename or delete an Organization?
- What is a Foothold?
- What are Malware Artifacts?
- Are Huntress exclusions necessary in third-party AV?
- Does Huntress work with Deep Packet Inspection (TLS/SSL Interception)?
- What Data Does Huntress Collect?
- Why Does Huntress Investigate Known Good Software?
- What does "cert does not match pinned fingerprint" mean?
- How do I configure per organization notifications?
- How do I determine which host an investigation applies to?
- Why didn't Huntress detect/block a malicious file/activity/ransomware?
- Can you provide the IP addresses/ranges that should be whitelisted to allow hosts to communicate with huntress.io?
- Why Has An Agent Not Checked In?
- Why am I receiving incident reports for offline/decommissioned hosts
- How do I "force a survey?"
- How Do I Close an Incident for a Host that has been Wiped/Decommissioned?
- What does "Audit the Directory" Mean?
- I Don't See The Foothold That Was Reported?
- What files does Huntress collect?
- Why is an incident still active if I remediated? How do I verify the footholds have been removed?