Latest Updates
New: Managed EDR for Linux is now generally available!
We’re excited to announce that EDR for Linux is out of open beta and generally available. Our EDR for Linux is purpose-built for all organizations, and made to find and wreck threats targeting your Linux endpoints. Our elite 24/7 SOC and threat hunters have already detected and investigated novel attacker tradecraft and tools. Check out the blog on the PeerBlight Linux Backdoor to learn more.
New: ITDR Data Exfiltration Timeline now available
ITDR subscribers now have access to the new Data Exfiltration Timeline. This new view within ITDR incident reports presents an overview of adversary activity from compromise to remediation, including files and emails accessed, saving you precious time in diagnosing how to respond to a compromise. The Timeline also includes a complete chronological record of when the compromise started, when Microsoft sent logs to Huntress, and when Huntress took action. Huntress has retroactively generated Timelines dating back to when we enabled additional audit log ingestion for each account. For most accounts, this took place in December or early January. For more information, check out The Incident Report Timeline.
New: Additional ITDR Microsoft Audit Log Ingestion
Huntress ITDR now ingests Microsoft Audit.General and Audit.Sharepoint logs (in addition to Audit.Exchange and Audit.AzureActivityDirectory) and stores them in the Huntress SIEM. This data is retained for one year at no cost and does not require a Huntress SIEM subscription. Huntress SOC analysts and threat hunters use this data to detect adversary activity, and it is now available to Huntress users as well, with the full functionality of the Huntress SIEM. For more information, check out Huntress Managed SIEM Log Search Guide and Huntress Managed SIEM Query Builder.