FAQ
- Does Huntress work with Deep Packet Inspection (TLS/SSL Interception)?
- What Data Does Huntress Collect?
- Why Does Huntress Investigate Known Good Software?
- What does "cert does not match pinned fingerprint" mean?
- How do I configure per organization notifications?
- Are Huntress exclusions necessary in third-party AV?
- How do I determine which host an investigation applies to?
- Why didn't Huntress detect/block a malicious file/activity/ransomware?
- Can you provide the IP addresses/ranges that should be whitelisted to allow hosts to communicate with huntress.io?
- Why Has An Agent Not Checked In?
- Why am I receiving incident reports for offline/decommissioned hosts
- How do I "force a survey?"
- How Do I Close an Incident for a Host that has been Wiped/Decommissioned?
- What does "Audit the Directory" Mean?
- How do I rename/delete an Organization?
- I Don't See The Foothold That Was Reported?
- What files does Huntress collect?
- Why is an incident still active if I remediated? How do I verify the footholds have been removed?
- How do I remove an agent so that I am no longer billed for it?
- Does Huntress Integrate with SIEM Solutions?