Summary: Partner administrators now have the option to toggle off or on the feature to allow Huntress to automatically action and complete LOW severity incident reports without requiring additional approval.
Account administrators can opt-in to Auto-Remediations via the Settings page. Once here, you will notice under “Huntress Managed Response” a setting to turn Auto-Remediations “On”.
How does it work?
Once this setting is enabled, Huntress will automatically take remediation actions on behalf of the partner for low-severity incidents. For example, if we detect a PUP (Potentially Unwanted Program) on an endpoint, we will take the action of removing that PUP without the need to approve an incident report, although you will still receive a report indicating this action has been taken. It is important to note that this is only for low-severity incidents but may be expanded to higher-severity reports in the future(we will notify you if/when this is available).
Note: Machines will not be rebooted as part of these remediations.
If you would like to exclude specific endpoints from Auto-Remediation, you can scroll down to the bottom of the settings page to exclusions and under the “Auto-Remediation” Section add an exclusion for that endpoint. We will not Auto-Remediate endpoints that are added to the exclusions list.