FAQ
- How do I determine which host an investigation applies to?
- Why didn't Huntress detect/block a malicious file/activity/ransomware?
- Can you provide the IP addresses/ranges that should be whitelisted to allow hosts to communicate with huntress.io?
- Why Has An Agent Not Checked In?
- Why am I receiving incident reports for offline/decommissioned hosts
- How do I "force a survey?"
- Are Huntress exclusions necessary in third-party AV?
- How Do I Close an Incident for a Host that has been Wiped/Decommissioned?
- What does "Audit the Directory" Mean?
- How do I rename/delete an Organization?
- I Don't See The Foothold That Was Reported?
- What files does Huntress collect?
- Why is an incident still active if I remediated? How do I verify the footholds have been removed?
- Does Huntress work with Deep Packet Inspection (TLS/SSL Interception)?
- How do I remove an agent so that I am no longer billed for it?
- Does Huntress Integrate with SIEM Solutions?
- What are Malware Artifacts?
- Do I really need to wipe the host?
- How Much Bandwidth Does the Huntress Agent Use?
- Why Has A New Agent Not Checked In?