Team: Huntress EDR
Product: Huntress Agent
Summary: Updated Huntress domains that need to be whitelisted. New features allows Virtual Desktop Infrastructure support and Kill Process actions.
Previous publicly released version: 0.13.8
Rollout start date: 4/28/2022
If you are actively blocking domains at the egress firewall, please ensure you have the appropriate domains whitelisted to allow the Huntress Agent and related services to communicate Can you provide the IP addresses/ranges that should be whitelisted to allow hosts to communicate with huntress.io?
Features
-
The Huntress agent now supports Virtual Desktop Infrastructure (VDIs) so that duplicate host entries will not be created for each new VDI instance
-
When the Huntress agent is installed on a base VDI image, provided only one instance is running at a time of the VDI, it should maintain the same agent ID for each instance spun up off the base image.
-
For accounts using VDI where there are multiple agent entries for the same hostname, the duplicate entries will still need to be manually removed, but future duplicate entries should not be created provided the Huntress agent installed on the VDI base is 0.13.10+.
-
Please see our detailed support document for more information if you are using VDIs, DeepFreeze, or UWF in your environment.
-
-
The Huntress agent can now support Kill Process actions
-
This allows Huntress ThreatOps analysts to manually create tasks on the agent that can kill running malicious processes.
-
In the future, this capability will be available as an Assisted Remediation as part of incident reports that include malicious processes.
-
Comments
0 comments
Please sign in to leave a comment.