PURPOSE How to review canary-related alerts and collect useful details. GENERAL STEPS Open Huntress in a supported browser, sign in with the correct work account, and navigate to the relevant organization, endpoint, agent, incident, detection, report, or settings area. VERIFY RESULTS Confirm that the endpoint, agent status, incident, remediation note, ticket reference, report, organization assignment, or investigation detail appears as expected before closing the task. TROUBLESHOOTING If Huntress behaves unexpectedly, refresh the page, confirm you are viewing the correct organization and endpoint, check your permissions, verify the endpoint is reporting, and capture any error message, hostname, incident ID, or timestamp. BEST PRACTICE Treat security alerts carefully. Do not dismiss, remediate, isolate, or communicate security findings without enough context and the right approval path.