HomeBlog
Active Remediation: Proactive Response with Huntress Managed EDR
Published:
May 13, 2024

Active Remediation: Proactive Response with Huntress Managed EDR

By:
Seth Geftic
Glitch effectGlitch effectGlitch effect
Glitch banner

When it comes to responding to incidents, time is of the essence, both in terms of the attacker's presence in your environment and the time it consumes from your busy schedule.

This is why Huntress Managed EDR includes Active Remediation. This powerful feature allows you to pre-authorize Huntress to take action on your behalf without requiring your manual review and approval. We eliminate the threat while you get on with your life.

Imagine you’ve had a long day and need a good night's sleep. Unfortunately, something happens in the middle of the night, and Huntress sends you an alert at 2am. With your pre-approval, however, you don’t have to get out of bed to read the report and authorize the response plan. Huntress proactively responds. Thanks to Active Remediation, you’ll have less work and more sleep. Who doesn’t want that?

A Powerful Multi-Prong Response Strategy 

Active Remediation isn’t the only tool we use to respond to threats. When Huntress detects suspicious activity, we initiate a multi-prong response strategy using three different types of response actions. 

  1. First is threat containment to stop the attack from spreading. This makes life difficult for hackers and buys the experts in our 24/7 human-led Security Operations Center (SOC) time to investigate. 
  2. Next comes Active Remediation, where the Huntress SOC takes action to remove the identified threat. If you choose not to turn on Active Remediation, we’ll still take action. However, we’ll first present the response plan and ask for your approval before doing so. 
  3. Finally, we pride ourselves on providing guided cleanup and recovery instructions. They’re meticulously detailed yet easy to understand, ensuring even junior IT analysts can navigate them with ease. After successfully containing and removing the threat, we provide recommendations to ensure the hacker is fully ejected. We also provide guidance on how to harden your environment so they can’t come back. 

Active Remediation can be tailored to your needs, with the flexibility to enable or disable it across various incident severity levels. Plus, you can curate a list of exclusions for specific endpoints, giving you the final say in your security strategy.

See for yourself how Huntress EDR responds to threats. Sign up for a free trial or demo today. 

Already a Huntress customer or partner? Instructions for enabling and customizing Active Remediation at no additional cost can be found on the Huntress Support page

Categories

See Huntress in action

Our platform combines a suite of powerful managed detection and response tools for endpoints and Microsoft 365 identities, science-backed security awareness training, and the expertise of our 24/7 Security Operations Center (SOC).

Share
Glitch effect

You Might Also Like

Sign Up for Huntress Updates

Get insider access to Huntress tradecraft, killer events, and the freshest blog updates.

By submitting this form, you accept our Terms of Service & Privacy Policy
Oops! Something went wrong while submitting the form.
Huntress at work