The Huntress Monthly/Quarterly reports are provided to give you a high-level overview of what Huntress has done this month/quarter. The reports include data from foothold detection, Ransomware Canaries, and Managed AV.
In this article
- Changes Analyzed: number of autorun changes across all hosts within the organization that Huntress saw. Autoruns are programs configured to run at system boot or login. These change as applications are added/removed/updated.
Potential Threat Indicators: all of the potential threats that Huntress reviewed. This includes all autoruns that Huntress had not seen before, tripped Ransomware Canaries, and a subset of Managed AV (MAV) detections that were not auto remediated.
- In-Depth Investigations: number of investigations completed. Investigations are opened when automated analysis determines a potential threat needs to be reviewed by an analyst. Investigations are also opened if an analyst determines a threat looks suspicious when reviewing new autoruns or MAV detections.
Incidents Reported: number of incident reports sent. (Incident reports consist of one or more malicious autoruns, a tripped Ransomware canary, or a MAV detection.)
Detailed Summary Reports for Admins
Huntress provides Partner administrators with a detailed Monthly, Quarterly and Custom Threat Summary Report. The report includes summary data from all Huntress organizations within the account and breaks down the data by each Huntress service:
- Persistent Footholds
- Ransomware Canaries
- Managed AV
- Incident Reporting, including an Incident Summary and Log
To access the reports:
- Click the account/organization dropdown
- Select your account or the organization you want a report for
- Click the reports view
From the reports view, you can select the report you want to view or generate a preview for the current quarter/month.
Running Custom Reports
First go to the drop down menu and select custom date range
From there you will be given the option to choose a date range and run a custom report
Note! If a custom report is run and the end date hasn't ended (UTC/Z), the report will show "processing" until the date has passed.
Automatically Sending Reports
You have the option to automatically send reports to specified users.
Cobranding Reports/Adding your logo
Huntress gives you the ability to add your own logo to Huntress Reports.
Following the steps for Cobranding Marketing Material and your logo will be reflected on reports as well.