Huntress Managed ITDR Reviews

I work for an MSP, specifically on a security team focused on cybersecurity. We have many clients that use Huntress Managed ITDR, and it has proven invaluable. Just the other day, a user clicked on a malicious email and had her credentials stolen. Huntress Managed ITDR stopped the attack in its tracks. By the time we received the alert, her account was already locked down by Huntress Managed ITDR, and they provided us with remediation steps along with the ticket.

We use those remediation steps to create playbooks, which helps us remediate quickly and begin our investigation process if needed. I have not seen an instance where a bad actor has been able to do anything when our clients have Huntress Managed ITDR. They stop them in their tracks. Their product delivers exactly as advertised.

We also use Arctic Wolf as a service offering. Arctic Wolf has a Microsoft 365 integration and they are competent, but I do not think they are anywhere close to Huntress Managed ITDR because Arctic Wolf is primarily a SIEM alerting platform. They can perform containment and they are very good at it, but if I had to choose between all the major vendors I have used in the past, including those we offer here, it would be Huntress Managed ITDR. The team at Huntress Managed ITDR are good people. I have gotten to know many of the folks that work there, and you cannot beat a group with that kind of passion for cybersecurity and keeping people safe. I do not say that about many people because I am very particular about both good products and good people.

Their threat analytics and process insights are exceptional. When Huntress Managed ITDR finds malware, a virus, or a phishing email, their analytics have improved significantly over time. I remember when they were not very detailed, but now they provide comprehensive information down to the specific type of dependency affected on a host machine.

They show us exactly where all the infected files are located on the computer, which makes cleanup straightforward and invaluable.

I know they partner with Microsoft, and if you have Huntress Managed ITDR and Microsoft Defender, it is truly near real-time as stated. That is a very accurate claim.

I am not entirely certain if this is a technology limitation or a technical issue, but when certain things get reported like VPNs, the information is not always accurate. When we receive an alert that is backhauled from a VPN, such as a bad actor using a VPN, we do not always get that accurate information. I would not call that a criticism of Huntress Managed ITDR. I think that is a limitation of the technology itself.

More accurate VPN details would be beneficial.

About three years.

We have experienced no stability issues. One person on our team deploys Huntress Managed ITDR, though we have a few people authorized to do so. The most we have deployed in a single week is probably 30 clients for one solution.

Once it is deployed, it updates automatically and takes care of itself. The only time it does not update is when a computer is offline or does not have an internet connection. Otherwise, it just works.

Huntress Managed ITDR scales very easily. I always become excited when they discuss a new product and how we can integrate it into our solution stack and technology stack. All of their solutions integrate well with each other and add a broader security surface area to the client overall, which keeps the client better protected.

We contacted them for assistance with deploying to Macs because it was our first time. That was the only true assistance we needed, as they had made changes due to Apple's native security features in the Apple ecosystem. After having that technical call and some troubleshooting, the deployment became very easy. They were very insightful and helpful.

Positive

We use Arctic Wolf as a service offering. Arctic Wolf has a Microsoft 365 integration and they are competent, but I do not think they are anywhere close to Huntress Managed ITDR because Arctic Wolf is primarily a SIEM alerting platform. They can perform containment and are very good at it, but if I had to choose between all the major vendors I have used in the past, including those we offer here, it would be Huntress Managed ITDR. The team at Huntress Managed ITDR are good people. I have gotten to know many of the folks that work there, and you cannot beat a group with that kind of passion for cybersecurity and keeping people safe. I do not say that about many people because I am very particular about both good products and good people.

The initial deployment is very easy. Mapping a client's environment takes longer than actually deploying a Huntress Managed ITDR agent because the deployment is extremely fast and the agent installs very easily. As soon as it is installed, we receive all the telemetry instantly, and if it finds something, we immediately receive a ticket for it. Within the first 15 minutes of an agent install, it is working, which is excellent.

We contacted them for assistance with deploying to Macs because it was our first time. That was the only true assistance we needed, as they had made changes due to Apple's native security features in the Apple ecosystem. After having that technical call and some troubleshooting, the deployment became very easy. They were very insightful.

The pricing is excellent. You will not be able to beat Huntress Managed ITDR on pricing, and that is considering the capabilities Huntress Managed ITDR provides at their price level. I know this firsthand because we conduct extensive vendor sourcing for security products. What Huntress Managed ITDR offers is incredible compared to others. You get value, and you get more value than most people realize from their products versus competitors. You would be paying 10 times as much at other competitors.

The pricing is excellent. You will not be able to beat Huntress Managed ITDR on pricing, and that is considering the capabilities Huntress Managed ITDR provides at their price level. I know this firsthand because we conduct extensive vendor sourcing for security products. What Huntress Managed ITDR offers is incredible compared to others. You get value, and you get more value than most people realize from their products versus competitors. You would be paying 10 times as much at other competitors.

We use Arctic Wolf as a service offering. Arctic Wolf has a Microsoft 365 integration and they are competent, but I do not think they are anywhere close to Huntress Managed ITDR because Arctic Wolf is primarily a SIEM alerting platform. They can perform containment and are very good at it, but if I had to choose between all the major vendors I have used in the past, including those we offer here, it would be Huntress Managed ITDR. The team at Huntress Managed ITDR are good people. I have gotten to know many of the folks that work there, and you cannot beat a group with that kind of passion for cybersecurity and keeping people safe. I do not say that about many people because I am very particular about both good products and good people.

I have experience across all tools, but primarily in MDR, ITDR, and SIEM.

More accurate VPN details would be beneficial.

The SIEM solution is becoming increasingly customizable. The real customizable alerts are part of the SIEM offering, and they are working on simplifying that for custom alerts. The most challenging aspect is creating a custom alert because it requires knowledge of KQL, which is a SIEM query language used to build those alerts. Huntress Managed ITDR is working toward simplifying this process. We have had several conversations with them about making this easier, and they understand that KQL is not an easily learned language. The capabilities do help significantly, especially for clients with specialized equipment or equipment that is not regularly used, such as disaster recovery sites. We want customizable alerts to notify us of any suspicious ingress or egress. We maintain multiple threat intelligence feeds that we constantly update, allowing us to customize those alerts to monitor ports or services being actively exploited in the wild. We continuously update our alert configurations.

We do pause auto-remediation from time to time, especially for quick-moving threats, because we want to take a deeper look. When we do this, we contact Huntress Managed ITDR support for additional insight to determine if they have encountered this type of malware or attack. We gain valuable knowledge from them that helps us update our playbooks and processes to better inform our clients about emerging threats. However, we commonly use the auto-remediation feature, and it works very well.

The pricing is excellent. You will not be able to beat Huntress Managed ITDR on pricing, and that is considering the capabilities Huntress Managed ITDR provides at their price level. I know this firsthand because we conduct extensive vendor sourcing for security products. What Huntress Managed ITDR offers is incredible compared to others. You get value, and you get more value than most people realize from their products versus competitors. You would be paying 10 times as much at other competitors.

I would rate this review a 10 out of 10.

I have been working with Huntress Managed ITDR for about two months since we signed up.

The main benefits that Huntress Managed ITDR brings to the table, or how it helps improve the way the organization functions, is the defense-in-depth setup. It adds an extra layer to protect the most vulnerable part of an organization, which is the users and their identity. It allows a bit of breathing room for security teams to have this extra tool to catch any unwanted breaches or attacks to assist with small or overworked teams. Overall, it's something that each organization or company should look at investing in, and it's a great tool to have.

What I appreciate about Huntress Managed ITDR are the ease of use and the ease of setup from a management perspective. Because we're an MSP and supporting a bunch of clients, it's simple to get connected to 365 or Google. The fact that it has a 24-hour human-led SOC behind it, on top of AI automation, is also great. I know that there's at least a human looking at any of these alerts outside of us that can rein in the robots. To sum it all up: ease of use, ease of management from an MSP perspective, and it's human-centric from the report side and the security side.

This human-led investigation and remediation aspect of the solution is very important in my security. Because we deal with a lot of SMEs, I think every client we deal with is an SME, so it's under 200. We try to make a human-led experience from all of our IT stack. The fact that I know I can reach out to an actual human to further discuss security alerts and get their understanding and knowledge is great. AI is good, but it can give a lot of false information, and you're talking to a robot. So it's good to have; it's a very high priority.

What I would like to see improved or maybe enhanced in Huntress Managed ITDR is that when you first set it up for a tenant, there are a number of false positives that pop up. Once we had the onboarding call with Huntress, we were able to determine that it was just a cleanup on the 365 side of things. So there is a little bit of fine-tuning you have to do, but overall, I couldn't really think of too many other negatives.

There are no missing features that I would like to see included to Huntress Managed ITDR in the future or some functionalities that require some kind of enhancement at this moment. Because we've only been using it for a couple of months now, I think everything that it's there for and that it does is everything we need. I can't think of any feature enhancements as of yet.

I have not had any crashes, downtimes, or performance issues with Huntress Managed ITDR because it's set up as an inline SaaS solution; if it were to go down, it's not going to take down the infrastructure. I haven't seen any issues with that.

My thoughts on the scalability aspect are that because Huntress Managed ITDR is a new offering, we will be scaling it out. We're in the process of scaling it out. We have it set up for us and a couple of others, and we're now including it in our offerings. So we will be scaling out shortly, soon, I hope.

I evaluate customer service and technical support of Huntress Managed ITDR as good and great. I've had a chat with their SOC support team; they were great. The main discussions we had were during the onboarding, and the people involved were fantastic.

I did not previously use a different product for IDR. However, we have looked at other companies, such as CrowdStrike's IDR setup. We ultimately decided to use Huntress Managed ITDR as our first IDR.

The setup process and the deployment part overall for Huntress Managed ITDR is purely just connecting your tenant, whether it's 365 or Google Workspace. You need to be a super admin on either, and then you just connect that. You point Huntress Managed ITDR to the platform. Setup is simple on that side, and then you let it run for, I think, 24 hours before it starts populating data. Then, once that's on there, you clean up the false positives. More than likely, it's just the actual configuration on your identity. You adjust all that, and then once that's on, we linked it up to our ticketing platform, which we use HaloPSA. That was easy to set up. So, if we get any alerts or any critical investigations, they get sent through to our ticketing system and assigned to an engineer. Overall, it took an hour to get the general setup configured. Then we waited 24 hours until we started seeing information, and now it just runs itself. We hop in when we get alerts and check things every now and then.

We purchased Huntress Managed ITDR directly through Huntress.

I have seen measurable benefits with Huntress Managed ITDR. From a breach perspective, it has prevented several users' accounts from being potentially compromised. If we weren't informed about it and there was a data breach or money lost, I think for the general price of however much it is per user, in comparison to the cost of a breach, the ROI is pretty well guaranteed the minute you set it up. I can't give the specific numbers because I don't have those, but I just know that Huntress Managed ITDR is definitely a plus and a bonus.

I don't handle licensing. I'm on the engineer side of things. But from basic internal knowledge, Huntress Managed ITDR is a cheaper product than what we originally had. Sorry, I was thinking of IDR and security awareness training. According to the team, the licensing costs are fine. I can't give too much information on that in terms of pricing.

The key differences, both pros and cons of Huntress Managed ITDR in comparison to CrowdStrike are that I think the CrowdStrike requirements are an additional SKU, and the pricing was more. The configuration overall was a little bit more. CrowdStrike seems to be more purely at enterprise levels, whereas Huntress Managed ITDR, although it's enterprise, seems to fit into the SME/SMB environment a lot more. The initial calls that we had with Huntress Managed ITDR support team and sales team, they just did everything right.

If Huntress Managed ITDR is something that you as an organization are looking at implementing, you should. In this day and age, identity is the most important element, and having all the tools you can to lock that down for the sake of your users is a must. So, get on it. I would rate this product a 10 out of 10.

My main use case for Huntress Managed ITDR is protecting people's accounts on 365.

I use Huntress Managed ITDR to protect accounts on 365 by deploying it to all of our customer's endpoints as included in their contract, which ensures that they don't get phished or compromised. Most importantly for us, it means that we have to deal with fewer tickets and worry about things less.

The best features Huntress Managed ITDR offers are its response times and speed; compared to Defender, we find it to be much faster when detecting a compromise. It also alerts us and lets us know if we need to do anything, and if we're not available and a risky situation arises, the SOC team can take steps for us like locking the account down. If it's something minor, we don't have to interrupt the user; we can just investigate and make choices if needed.

Huntress Managed ITDR has positively impacted our organization by making it so people don't see the negative incidents anymore; they might not jump for joy at having Huntress Managed ITDR, but they certainly don't get compromised and accidentally send someone loads of money. For us, it saves a lot of work and makes people more aware of attacks and what's happening, ultimately saving us time and labor.

It's hard to quantify the savings, and I haven't got the data available, but an incident could take an hour out of an engineer's time, and a significant incident could take a business offline for hours or days, potentially compromising crucial infrastructure. However, with Huntress Managed ITDR, we don't have to deal with those scenarios because they simply don't happen.

I see improvements to the HaloPSA integration as something that could be better; it would be good to see more information in the ticket raised. Currently, it can sometimes just say there's been an incident because of a VPN login. What would be really crucial would be to see the affected user and some of the login information ahead of time so we can react faster or slower if needed.

I would also mention that we have a very large charitable customer who can't afford Huntress Managed ITDR, but they need it the most; if there was some charitable way of supplying Huntress Managed ITDR, we could really benefit from that. Additionally, education is very crucial, but they often don't have the budget or their budget is government-funded and requires bidding. If there were educational or nonprofit funding, that would be really helpful.

I have been using Huntress Managed ITDR for about three years.

Huntress Managed ITDR is stable; I don't think I've encountered any issues except maybe the website being down once for about half an hour over the years, but overall, everything is good.

Huntress Managed ITDR's scalability is very impressive, as it can be deployed in an instant with no considerations needed.

The customer support we receive is excellent; we have a good account manager who's helpful with technical questions. I've not contacted support myself, but I know someone else has, and they reported it was good.

Positive

Previously, we used Webroot for our antivirus, but we switched to Huntress EDR, which led us into Huntress Managed ITDR when it was advertised to us.

My experience with pricing, setup costs, and licensing has been pretty good; we got a good rate and continue to receive declining buy prices. We're generally kept up to date by the account managers, although I've mentioned there's no educational pricing yet, which has been mentioned before. I think more sales material and clarity on the RRP cost would be beneficial, as sometimes we have to price ourselves. I've looked at the sales material in Huntress Hub, and it's not too helpful in that regard.

Before choosing Huntress Managed ITDR, we evaluated other options, including Bitwarden.

Huntress Managed ITDR is deployed using their hosted version, which I assume is on a private cloud.

I would advise others looking into using Huntress Managed ITDR not to underestimate the importance of identity-based security; antivirus is fine, but it's all about social engineering and accessing highly privileged information. Many people aren't aware of potential incidents occurring, but Huntress Managed ITDR can look back at events to find ones that may have already happened as well as any ongoing incidents, which I feel people prefer to ignore because it causes worry. It's crucial to have full 24/7 reactive support for identity-based attacks.

I would appreciate the chance to use Huntress Managed ITDR with Google; we had one customer who was going to use it for Google but ended up moving to 365. I am happy to see they would cover other vendors as well since 365 might not always be the only provider, and if there is ever a significant change with other providers, it would be great to see that included. I would rate this product a 9 out of 10.

My main use case for Huntress Managed ITDR is to get all of our contract clients into basically a full security suite, especially after experiencing disastrous results with a bunch of Kaseya products, which led us to dump them very quickly in search of new solutions. Huntress has always been at the top of our list, and we managed to secure a deal that initially seemed too good to be true. Ultimately, we decided to fully transition everything over to Huntress because it consistently finds threats that nobody else is finding.

A specific example of how we're using Huntress Managed ITDR with our clients includes implementing it on any Microsoft 365 instance that we have, which allows us to catch numerous things that other tools miss, particularly the usage of unauthorized VPNs. When someone attempts to install a VPN such as Proton VPN without our approval, it instantly locks them out, illustrating that they cannot operate outside of our established guidelines. This situation leads to logging the event and informing the business management that the user was locked out for this reason.

Huntress Managed ITDR has positively impacted our organization by providing us with the confidence that we're effectively protected, even when clients neglect our recommendations for training sessions. Knowing that we've transitioned away from Kaseya products, which failed us during a significant ransomware incident, gives us a sense of security, as Huntress's response times have proven to be far superior.

Since switching to Huntress Managed ITDR, we've noticed time savings particularly in setup processes. By integrating Huntress Managed ITDR with our remote management tool, we streamline the installation of necessary software on new machines, ultimately improving efficiency. We maintain a 100% conversion rate for clients experiencing incidents, as they come to us seeking guidance on preventing similar situations from arising.

One of the best features that Huntress Managed ITDR offers is the ability to communicate with clients effectively. For example, when someone informs us that they will be out of the country, we can ensure they still maintain access to critical information while advising them on security precautions such as avoiding hotel VPNs. The embedded rules in Huntress Managed ITDR enable us to create exceptions based on individual circumstances, which we find invaluable.

Huntress Managed ITDR fits into our workflow by emphasizing to customers the importance of communication with us; we shouldn't just be the endpoint for reporting issues. We explain that implementing the best protective products is crucial, but just as important is educating them on how to spot phishing emails and ensuring they adhere to internal technology agreements. If they follow our instructions, the chances of encountering compromised accounts become virtually nonexistent.

I don't believe Huntress Managed ITDR can be improved significantly considering my experience with various SOC products; it stands out as the easiest and most effective solution available. The internal team is addressing shortcomings effectively, and I feel it's not my place to suggest additional fixes.

I cannot think of any specific features that need improvement or additions to Huntress Managed ITDR. If I sat down to really analyze it, perhaps I could come up with something, but nothing comes to mind at this moment.

Setting up and managing exceptions in Huntress Managed ITDR does come with challenges, primarily because we often fail to document our own processes. This leads to us contacting Huntress support frequently for assistance with issues we thought we had resolved in the past. However, their support has been excellent, often providing clear solutions and accessible knowledge base articles to assist us in better documentation practices.

I have been using Huntress Managed ITDR for about about eight months.

Huntress Managed ITDR is quite stable, providing reliable functionality without significant issues.

The scalability of Huntress Managed ITDR essentially aligns with Huntress's system capabilities. If we were to onboard a large customer base, we would coordinate with our account representative to accommodate their needs, ensuring reassurance regarding capacity.

In terms of customer support, I mostly interact with tech support, which has been positive since I've never required escalated customer support. Most of my inquiries to tech support are due to personal errors rather than product faults, which speaks to the functionality of Huntress Managed ITDR.

I chose a rating of 10 for Huntress Managed ITDR because of the ease with which I can reach support. We have an internal motto, PUFF, which stands for 'pick up the freaking phone.' If there's an urgent need for clarification, being able to talk quickly to SOC personnel is invaluable.

Previously, we used the Kaseya solution, both its EDR and Rocket Cyber products, which failed to identify basic infections or more serious threats. Our issues ranged from frequent infections to severe security breaches taking hours for them to respond. In contrast, Huntress Managed ITDR's immediate lockdown response would prevent such breaches from occurring.

While we explored other options before settling on Huntress Managed ITDR, we ultimately didn't conduct thorough evaluations because of its excellent reputation in MSP communities. The feedback we received regarding Huntress Managed ITDR's effectiveness overshadowed other competitors, leading us to choose it without hesitation.

My experience with pricing, setup cost, and licensing for Huntress Managed ITDR is positive overall. There weren't significant setup costs beyond the internal time invested in learning the product, and the licensing is clear, detailing usage and costs without any hidden fees. Although Huntress Managed ITDR is more expensive than our previous solution, its efficiency ultimately saves us money in the long run.

There's no differential impact regarding needing fewer employees, but we certainly experience time savings. Utilizing Huntress Managed ITDR allows us to review and approve remediation plans faster, alleviating the burden of manual checks, leading to a return on investment as clients who resisted our training come back after incidents asking how they could have avoided them.

Huntress Managed ITDR has positively impacted our organization by providing us with the confidence that we're effectively protected, even when clients neglect our recommendations for training sessions. Knowing that we've transitioned away from Kaseya products, which failed us during a significant ransomware incident, gives us a sense of security, as Huntress Managed ITDR's response times have proven to be far superior.

Since switching to Huntress Managed ITDR, we've noticed time savings particularly in setup processes. By integrating Huntress Managed ITDR with our remote management tool, we streamline the installation of necessary software on new machines, ultimately improving efficiency. We maintain a 100% conversion rate for clients experiencing incidents, as they come to us seeking guidance on preventing similar situations from arising.

I gave Huntress Managed ITDR a review rating of 10 out of 10.

Huntress Managed ITDR was to replace an existing solution, as we were using CrowdStrike previously, and the big one for us is to essentially manage suspicious and risky behavior with our user identities, knowing that most of our past historical incidents and compromises came through user identities, giving us a layer of visibility, a support team, and 24/7 response to weird activity happening in our Microsoft environment.

One thing I appreciate the most about Huntress Managed ITDR is that the dashboard is incredibly clear, allowing me to go in and understand what's happening across our organization and users and know where I need to act, drawing my attention in when there are actions that need to be taken, providing that full, high-level, bird's-eye view of everything happening with identity security in our organization.

Their real-time monitoring, including how they retroactively search through logs, has impressed me in action, especially when they found a threat that had been in our system for months during our proof of concept. I appreciate that their real-time monitoring also goes back in time if they find out about a threat later, and the notifications for that, along with the automatic remediations, are incredibly efficient, with one instance where a VPN account was closed out within minutes after an unexpected login. Additionally, there's a new AI-based timeline view that provides a really great breakdown of what actually happened in that event, plus the option to press the SOC button and talk to a human for additional support.

When discussing the downsides of Huntress Managed ITDR, I think one of the advantages is that they've been adding features, including a feature for retroactive hunting for apps that might be deployed in our organization and might be at risk, a great example of a gap they filled. One challenge has been applying rules to staff only due to the option in the VPN rules where I can either deny all VPNs for the organization or do case-by-case exceptions, with no in-between. As a K to 12 school, I would love to see more granular user group level restrictions and alerts. For instance, having all students flagged if high school students log in with a VPN, which I expect at this point, versus a different security risk level for staff, leading to potential trade-offs in our general use cases.

We have been using Huntress Managed ITDR for two months.

Regarding stability, I experience no issues at all with Huntress Managed ITDR, as it consistently accesses data and the platform has always been available for me to find what I need.

I find scalability with Huntress Managed ITDR very easy; we could add 100 users, and I appreciate that they are flexible on licensing, with discussions about scaling up occurring at renewal time rather than requiring immediate payment.

I appreciate the technical support for Huntress Managed ITDR because I can reach out to support and get an immediate pop-up chat, allowing me to speak with a person right away during my last inquiry with the SOC, where we were able to address something we weren't sure about, resolving the challenges we faced. I give the support for Huntress Managed ITDR a rating of 10 out of 10.

Positive

I have used direct alternatives to Huntress Managed ITDR, such as Microsoft E5 and Microsoft Defender for Identity, which we use in parallel as one of the data sources, alongside CrowdStrike identity monitoring, referred to as IDP.

The initial deployment for Huntress Managed ITDR was very easy, as I essentially had to click a button, grant the right permissions, and it took care of the rest needed to ingest data, contrasting with competitors where I had to go through extensive documentation.

If I were to compare Huntress Managed ITDR with the alternatives, I find that if I were a larger organization, CrowdStrike might have had a few more functionalities, particularly in the query filter prior to Huntress adding several new search tools recently, allowing me to get what I need all in one context. I appreciate that Huntress bills for usable, useful data, having stripped out unnecessary storage features that previously caused issues, ensuring I only maintain data necessary for security.

One thing I appreciate the most about Huntress Managed ITDR is that the dashboard is incredibly clear, allowing me to go in and understand what's happening across our organization and users and know where I need to act, drawing my attention in when there are actions that need to be taken, providing that full, high-level, bird's-eye view of everything happening with identity security in our organization.

Their real-time monitoring, including how they retroactively search through logs, has impressed me in action, especially when they found a threat that had been in our system for months during our proof of concept. I appreciate that their real-time monitoring also goes back in time if they find out about a threat later, and the notifications for that, along with the automatic remediations, are incredibly efficient, with one instance where a VPN account was closed out within minutes after an unexpected login. Additionally, there's a new AI-based timeline view that provides a really great breakdown of what actually happened in that event, plus the option to press the SOC button and talk to a human for additional support.

Although we do not have any regulatory requirements in our organization, Huntress Managed ITDR has added smart filter data, and we recently tried to go back and investigate something related to a privacy breach, finding it had all the search information necessary to retrieve what we needed. The new features in the search simplify how to search through the logs for information, giving me confidence in my ability to investigate something retroactively, even in the absence of specific regulatory needs.

I just recently turned on the automated incident response within Huntress Managed ITDR and watched it work, which seems to act quickly by automatically taking essential actions while providing remediation tasks afterward, giving me the assurance that they'll do what's necessary to keep the environment secure, even if it temporarily inconveniences a user.

Regarding customizable alerts in Huntress Managed ITDR, we set up alerts for my team to receive phone calls and emails when there's an incident, ensuring we aren't relying on a single person during critical incidents, which I appreciate.

In terms of pricing for Huntress Managed ITDR, it is very affordable from a K to 12 perspective, and considering the cost of a breach, having this peace of mind to proactively act in our environment is worth its weight in gold.

Regarding maintenance on Huntress Managed ITDR, I am not aware of any required maintenance since the tool seems to maintain an existing relationship with Microsoft Entra and operates self-maintaining, with the advantage of receiving a monthly newsletter about new features.

I give this review an overall rating of 10 out of 10.

My main use case for Huntress Managed ITDR is protecting clients' Microsoft 365 tenants.

A specific example of how I use Huntress Managed ITDR to protect those Microsoft 365 tenants is when I see the alerts come through; it can be anything from a location or logging in from a location abroad that isn't normal for the client. It allows me to jump in to that threat and isolate it and remediate it before anything happens.

The best features Huntress Managed ITDR offers are that the configuration for Microsoft 365 is very simple and easy to set up, and the actual security that it brings. In many cases this year, in particular where the threat landscape has been higher, it has allowed me to protect my clients before anything actually happens.

Huntress Managed ITDR has impacted my organization positively because, as well as securing our clients, it has given us another service that we can offer to our clients, which increases revenue. The main thing is that I have a tool in place because predominantly all of my clients use Microsoft 365, so I have that security tool to give to them, which protects them. Ultimately, it is commercially beneficial too.

I have noticed both measurable outcomes since using Huntress Managed ITDR; there has been a revenue increase because we are doing some volume now with the Microsoft 365 ITDR or MDR, as we call it. I am stopping breaches left, right, and center, so it has definitely had a positive impact on both.

Honestly, I don't have any advice on how to improve Huntress Managed ITDR; I think it does exactly what it says and exactly what I need it to.

I don't have anything that comes to mind for needed improvements; perhaps something small or even a wish list feature.

I have been using Huntress Managed ITDR for around two years.

Huntress Managed ITDR is stable.

Huntress Managed ITDR's scalability is fine for me; when I have clients who need to add users, it can automatically configure them to the ICDR, which again, I predominantly use for Microsoft 365, so it is nice and easy.

Very rarely have I had to deal with customer support for Huntress Managed ITDR; the service generally just works. My colleague probably deals with Huntress support more than I do, but again, it is very minimal from a support point of view. My experience has been good.

Negative

I did not previously use a different solution.

The simple setup impacts my day-to-day work because the initial configuration I do not personally manage; my colleague does, but he has related to me that it is simple and easy to do. It makes my life easier that we will configure it and just get it working because it is a one-time thing, very nice and easy to do.

I have seen a return on investment because there is a saving in time; if a client did experience a breach, that would take a lot more of my time to resolve than having that alert to allow me to jump in and remediate it before it becomes a breach. In terms of return on investment as well, time, of course, but also commercially, I have seen a lot of growth in my security offering because of the ITDR service.

My experience with pricing, setup cost, and licensing is that there are no setup costs that I am privy to, so setup is fine. We do that ourselves.

The licensing cost, again, is a good price point that allows me to add it on to clients and it becomes a no-brainer for them to add it because the price of the service makes sense. It is not too expensive. The price deployment and setup from a cost point of view is all spot on.

Before choosing Huntress Managed ITDR, I did not evaluate other options; it was straight from Huntress.

The advice I would give to others looking into using Huntress Managed ITDR is that if you have a lot of clients using Microsoft 365, if you are concerned with the security element in any way, it is just a complete no-brainer to bolt this on to the tenant because it has saved me time, generated revenue, and it has helped a lot of my clients from a security aspect. I see a lot of potential breaches being stopped before they ever become an incident.

I do not have any additional thoughts about Huntress Managed ITDR before we wrap up; I think this has been quite in-depth. I think we have covered quite a lot, but the main takeaway is that the solution, not just this, the solution in general, the EDR as well, has allowed me to expand revenue, but more importantly, protect my clients in a way I have never been able to do before. I would give this solution a rating of 10 out of 10.

Huntress Managed ITDR is a security tool that we use for security and identity protection.

Huntress Managed ITDR has provided excellent features during the past year that I have been using it. The best feature is the lack of false positives; when we receive an alert from Huntress Managed ITDR, the majority of the time they are true positives that are actionable, unlike some other tools which generate a lot of noise.

Huntress Managed ITDR has greatly helped in detecting and identifying threats. With Huntress Managed ITDR, we are able to catch things like mail flow rules that were created, and we had security incidents in the past that were remediated, but a couple of things were missed like those mail flow rules. Huntress Managed ITDR was able to catch all of those, so it is really valuable because we did not have anything protecting identities in the 365 environment until we obtained Huntress Managed ITDR. Another feature I really appreciated about Huntress Managed ITDR was that it was able to block a rule for non-company approved VPNs.

Overall, Huntress Managed ITDR has improved my organization by making it more secure, which is the biggest improvement, and by reducing noise, so we are able to focus more on actionable alerts.

One area that has room for improvement with Huntress Managed ITDR is that there was a gap with detections inside of America. Huntress Managed ITDR is really good at spotting threats outside of the country, but we had a security incident inside the country, and Huntress Managed ITDR was unable to help with that. A suggestion for improving Huntress Managed ITDR would be to add more ITDR specifically for inside of America.

I have been using Huntress Managed ITDR for about a year.

I would rate the stability of Huntress Managed ITDR as a ten, as I have not really experienced any downtime, bugs, or glitches.

Huntress Managed ITDR is definitely a scalable solution that fits our enterprise-level company needs. I would rate the scalability of Huntress Managed ITDR as a nine.

I would rate Huntress Managed ITDR's technical support as a seven, as I have only used it once or twice and my experience has been pretty good.

Positive

We have also tried SentinelOne as another solution.

Regarding the deployment itself, it was pretty straightforward and not really complex, and there were no challenges along the way.

We use real-time monitoring with Huntress Managed ITDR. We do use the automated incident response with Huntress Managed ITDR. The impact of utilizing the automated incident response with Huntress Managed ITDR has decreased our response time for true positives that could be potential threats in the environment; Huntress Managed ITDR is able to, in real-time, block those threats before we would even see an alert, so it helps keep the environment more secure than it would be without the tool.

Approximately, we have about 1,000 users using Huntress Managed ITDR. Huntress Managed ITDR requires no maintenance from our end as updates and patching are all handled by Huntress Managed ITDR.

I would definitely recommend Huntress Managed ITDR to other users because it is easy to use, and it does not provide too many false positives, which is very important, especially when you are dealing with a company the size that we are; we really need to focus on actionable alerts, and it is the best tool that we have found for protecting the Microsoft 365 environment. I would rate this product an eight overall.

The vast majority of our customers use M365 services, and ID theft is becoming a really prevalent threat. You can start protecting against that with conditional access policies, or take a solution like Huntress Managed ITDR, which does it for you. We are providing end-user education and thought guidance around identity theft, and their natural reaction is to ask if we have a solution that can deal with it. Huntress Managed ITDR does.

ID theft, credential interception, and related threats are probably really prevalent threats that Huntress Managed ITDR helps us with, and we're seeing plenty of our smaller clients get really impacted by it. Having a solution that we can trust is important. At the price point, it's really accessible for our SMB clients. We didn't look at anything else. We just took Huntress because it was there. Having it in a single dashboard that I can look at, and I have it open all the time, is clear and concise. I don't have to spend loads of time working out what I need to deal with or what I don't. The clear actionable insights are really good.

The best features in Huntress Managed ITDR are that it's very easy to very quickly have our clients protected, and at a very reasonable price point.

The real-time monitoring feature in Huntress Managed ITDR is valuable. I've had one or two incidents raised with Huntress Managed ITDR, and every time it's very clear what the incident is and what the next steps I need to take are. It doesn't just say there's an incident and to do something. It says what I should do, step by step, and why. So when I go back to the end-user community and explain that we need to change something or take action, when they naturally ask why, I don't have to work that out myself. It's already told me.

Huntress Managed ITDR is very good because I can make sure we're not getting false positives and a whole bunch of alerts that just become noise. I can really tailor what we get.

There are two things regarding Huntress Managed ITDR. If we have a client that only has M365 Business Standard, all of the MFA details just show as unknown. I think it's actually a Microsoft licensing issue, but I don't think it's a Huntress issue. It would be nice for that to maybe be a little bit more clear. The reason I say this is when I've shown a client their company in our portal, there's a whole bunch of users in there that just show unknown, and they immediately ask what that is. I have to explain it's because they're using Business Basic and so on, and it just doesn't look that clean. It would be better if it just said standard or something.

I've been working with Huntress Managed ITDR for about six months.

The performance of Huntress Managed ITDR product has been really good for us. I've not experienced any issues. Every time I've logged in, it's been quick. We've not seen any downtime with it, so I'm really pleased.

I can't see any issues regarding the scalability aspect of Huntress Managed ITDR. I don't really know what the limits are from its scalability. I can't see us ever getting towards those. The way that the console is organized makes it really easy. The more clients we onboard, it just adds some additional organizations, which makes it very easy to break those down. It doesn't make the console noisy or anything, so I can't see there being any issues from our point of view.

With Huntress Managed ITDR tech support, it's absolutely spot on. I've not needed to reach out myself directly, but the information I get from them where there's been incidents logged is superb. I've been doing a technical job since 1998, and there are very few times I've had from an organization clear communication about what the issue is, why we need to deal with it, and what we need to do to get it dealt with. Usually, it's just an issue and away we go. I'm really pleased with tech support. Our account management, onboarding, and moving forward has been absolutely superb.

Positive

The experience with the initial setup of Huntress Managed ITDR product is absolutely spot on. It's very easy. We're really well supported by Huntress to get onboarded. The actual onboarding process is quite easy and very well documented, and it's really quick as well.

It's not really measurable with Huntress Managed ITDR. Obviously there's always some margin in there. For us, it was really about making sure we had the solution in our portfolio to take to our clients.

I think it's really important that people considering it actually get a demo of the platform and perhaps a trial because the proof is in the pudding. They really should see it in action. It's a quality solution. I would rate this review as a 9 out of 10.

My use case is really just for threat detection and response to observe and get more awareness of where our sign-ins are coming from, so we can better protect our login environment.

Implementing Huntress Managed ITDR has improved our business by allowing us to be more proactive with our security posture. It recently identified that people had saved passwords in Word documents. Prior to that, we didn't know that was a practice, so it's now allowing us to get ahead of things and put in appropriate password managers for teams. That's something that will hopefully benefit us in the future.

The continuous monitoring capabilities have been pretty effective in maintaining the security of our endpoints. I've not noticed anything unexpected in terms of something that it hasn't caught but something else has. We did a month-long trial, so we got to get familiar with it before we went truly live with it.

The incident response integration has helped us mitigate security incidents and reduce downtime. It sends alerts that tell us what activity it's managed to detect, such as VPNs and some odd rules in people's mailboxes. The biggest thing has been detecting travel locations where we weren't advised.

Real-time alerts have helped our organization address vulnerabilities promptly, but we don't have the metrics because we don't monitor and track things to that extent. It has allowed us to see what our end users are doing and where they're traveling and to make sure that there's nothing odd going on there.

The best features of the solution are the fact that there are real people behind it who watch the alerts and then escalate as required, and the fact that there is an immediate support team or SOC team behind it if we have any questions. 

It integrates well with our Microsoft environment. It was really easy to get going with it and get the visibility with basically a few clicks. The reporting is good and it's pretty fast as well.

The threat detection feature is working and protecting. It's been detecting unsanctioned VPNs. We've had to investigate somebody that was using a VPN that we weren't aware of. It's been actively working for us for the last month or so.

In my opinion, Huntress Managed ITDR has room for improvement in the speed of some screen refreshing, as it isn't as fast as it perhaps could be. The fact that it caches results is a bit odd for a security product. Other than that, it's a very simple and easy-to-use interface in terms of recommendations and feedback. There's not really much at the moment I would look to change.

It would be nice to have more customization around the reporting, beyond changing the logo and the color scheme, to generate a more executive summary for our board. At this point, that's really nitpicking. In terms of the actual product features, it's been pretty good. I haven't seen if there's a way to create custom alerts and custom rules for identification, but if there was, that would probably be useful as well.

We've just deployed it. Our trial started in May, so it has been close to two months.

I would rate the stability of Huntress Managed ITDR a ten out of ten. We've not had it long enough to see any disruptions, but we haven't experienced any disruptions trying to access it.

I believe Huntress Managed ITDR is scalable, so it's probably a ten out of ten. It should just be a case of adding users, and hopefully, people watch it. Scalability-wise, it should be pretty simple.

Huntress Managed ITDR is protecting about 120 users. In terms of the people that log into it, it's two or three IT admins, but we've got 120 licenses, so it's protecting 120 Microsoft accounts.

My rating on the technical support would be a ten out of ten. They've been very responsive when we have had to use them.

Positive

Using Huntress Managed ITDR wasn't originally on our plan. We were originally just going to use the Microsoft E5 rules within Cloud App Security and some other things. We went with Huntress Managed ITDR when I was looking at the Huntress EDR, and the pricing versus the ease of deployment made it a no-brainer for us. The amount of configuration that Microsoft seemed to require to make it more user-friendly took a lot more effort to get to a similar standpoint. The fact that the ITDR can immediately tie into the Huntress SIEM and protect all licensed accounts with minimal configuration required from us makes it a better option compared to Microsoft.

The deployment of Huntress Managed ITDR took about three minutes. The documentation was really clear. It was basically clicking a couple of buttons to connect it to our Microsoft environment, and then it ingested all of our user accounts and started protecting us. In terms of how long it took to get going, it was really quick.

We're using cloud deployment. As our firm has grown, we've been adopting a more cloud-first position. Given our geographic location with environmental threats such as hurricanes, we've been moving more to the cloud. The implementation of this being as quick as it was for a cloud-hosted system and to get it actively protecting us was far quicker than if I'd had to build something on-premise.

It doesn't require any maintenance from my end so far. It has some automatic cleanup rules, but we haven't had it long enough to see if those have been effective.

It hasn't saved much yet. If anything, it's created more work, but that's because we're now seeing things that we weren't seeing before. In terms of a return on investment for our security posture, it's absolutely paying for itself to ensure that we are better secure compared to what we were without it. From a financial standpoint, I have no idea, but in terms of return on investment for our security, it is worth it and is in my opinion paying for itself with our improved posture.

In terms of pricing, it seemed pretty cheap for us. I think it was two or three dollars a user a month. Given that it wasn't a product we were expecting to buy, it was a somewhat unanticipated cost, but again, the value of it makes sense. I don't know what the other alternative products cost-wise would be, but given what it does, it seems cheap.

I would definitely recommend Huntress Managed ITDR to other users for the ease of getting a high level of service implemented in a very short time frame and the cost of the service for what they seem to be delivering is very good. 

Overall, I rate Huntress Managed ITDR a ten out of ten.

We're using Huntress Managed ITDR mostly for connection monitoring and also for detecting connections from outside the country. Recently, we had an escalation for a specific IP address from the United States. We don't allow United States connections in our tenant, but we do allow one specific IP address to be connected from there. We monitored everything, found out that it was an allowed connection, and then dismissed and resolved it.

We also use Huntress Managed ITDR specifically for unwanted access detection. We really love the product at the moment.

The best features Huntress Managed ITDR offers include having everything easy to access with all the correct information, particularly the triggering events that led to an escalation or incident. We really also love the timelines and the investigation done by the SOC agents that are assigned to the case.

The reactivity of all the systems stands out as the most valuable for our team. If a connection is detected, it does not take long before we are made aware of it through our ticket systems. Once it's done, the investigation is great because we can take most of the information there and put it in our incident report and give that to the client.

The speed of Huntress Managed ITDR has impacted our organization positively. Our previous system took two to three hours to detect something not right with the connection. With Huntress Managed ITDR, it takes half an hour at maximum.

I opened a ticket with support to ask if it would be possible in the near future to exclude some IP addresses instead of a whole country or only a specific VPN service. I learned that this was a feature that was in development, so it will come. This would help us greatly to be able to pinpoint specific connections.

I'm not sure what the AI capabilities of Huntress Managed ITDR are. What I think is a SOC agent working might be AI, but in any case, it seems to be working great.

I've been using Huntress Managed ITDR for about six months.

Huntress Managed ITDR has shown no stability issues.

Huntress Managed ITDR's scalability looks great. We are having a lot of clients already on it, 68 clients currently, and it seems great. Some of these clients have hundreds of users and agents, and it's all working fine.

The customer support is awesome. It's honestly one of the greatest customer support experiences I've had the pleasure to work with. I would rate the customer support a 10 out of 10.

We did use Office Protect and Office Protect Alliance. We switched because there was no automation in their detection. Microsoft 365 details were coming in and then some SOC agents were monitoring everything and reading our baselines each time. Depending on which SOC agent was working on the case, sometimes they were responding correctly, following our baseline, and sometimes they wouldn't. There were too many human incidents on their end for us to continue with those. Also, the response time was awful, sometimes three to four hours before we get notified of anything going wrong, and even at some point it went a whole day without having any news. We detected it ourselves and fixed it ourselves, and then we had to call Office Protect to ask them what happened.

Huntress was already on our radar, so we just went with it.

From what I heard, the implementation was great, it was fine and everyone was happy about it.

If you're looking for a great solution with a lower response time that is just working great out of the box, Huntress Managed ITDR is a great product. I would rate this solution 9 out of 10.