TEAM: Security Awareness Training (SAT), Identity Threat Detection Response (ITDR), Endpoint Detection and Response (EDR), Security Operations Center (SOC)
PRODUCT: SAT, EDR, ITDR, and SOC
ENVIRONMENT: Huntress Platform and SAT Dashboard
SUMMARY: When specific Incident Reports are generated, we recommend certain episodes in our SAT training relevant to the root cause to best educate users affected by an incident.
Huntress Recommended SAT Episodes
Huntress maintains a list of researched threats that correspond to specific SAT episodes. Based on this research, we will automate recommendations that will enable you to activate relevant SAT training episodes for affected users directly from Incident Reports.
The current episode mapping and recommendations are as follows:
| Threat Name | Episode Name |
| Fake Quickbooks | Malvertising |
| Masquerading as Legit Application | Malvertising |
| Ransomware | Ransomware |
| Malicious Browser Extension | Malvertising |
| Vulnerable Software Identified | Malware |
| Malicious Email Rules | BEC 2 |
| Session / Token Theft for Cloud Account | AiTM |
| Unauthorized Cloud Account Login (VPN) | Business Email Compromise |
| Unauthorized Cloud Account Login (Location) | Business Email Compromise |
| Anomalous Cloud Login with Suspicious User Agent | Business Email Compromise |
| Phishing AiTM | AiTM |
| Phishing | Phishing |
| Rogue Cloud Application | BEC 2 |
| Unsecured Credentials on Endpoint | Storing Passwords |
| Fake IT Support | Malvertising |
| Deceptive Installers | Malvertising |
| Fake CAPTCHA (i.e. ClickFix) | Secure Browsing 2 |
These episode pairings are subject to change, and more will be added in the future as detection trends and Partner feedback evolve.