Huntress Managed EDR Reviews

We use it for our clients and ourselves. Huntress is a pretty comprehensive platform. Recently, they acquired the security awareness training platform, which helps us to fulfill our clients' needs regarding security. It has been pretty good. A lot of our clients are growing in this area. Traditionally, we have been using it for endpoint protection, which has been effective in many situations.

It is positioned very well for the SMB market. The most recent understanding that I have is that they are providing more visibility in the market. People are now seeing it as a product for security for many different reasons. The program is easy to use and easy for administrators as well. When it comes to security, it is similar to all the other players in town. Everybody says that they are an all-in-one sort of solution. From my perspective, Huntress is in the MSP space more than some of the bigger players such as CrowdStrike, and they are more successful because it is more MSP friendly. There is a lot of uptake on the growth of the product in general. CrowdStrike, for example, is a very mature product in the security marketplace, so they may or may not need to engage as closely as Huntress. Huntress also educates the group of people who use their product more than others, and that helps to deliver value through all the partners who are selling their product.

The endpoint protection is solid. One of the easiest things for us to do is to deploy the agent. It does not matter whether the client is infected or not infected. As soon as Huntress is deployed, it is good. It is easy for us to manage from our end. It tells us exactly what we need to see. It caught things that we could not catch with the traditional antivirus program. We have a way to tell clients that we have given them the greatest endpoint protection ever made, and it caught a few more virus programs. Would they like the deployment for the rest of their company? Most of the time, that is an easy sell on our end.

It has been making our lives so much easier. In the past, we had to spend hours and hours trying to look for the threat, whereas now, we can just put Huntress to immediately find out the threat and what needs to be done. Sometimes, some of the automatic remediations just happen without us even knowing, and we learn about it afterward. We also needed it because of the growing need for cybersecurity insurance compliance in Canada.

We use Huntress' ability to automatically remediate low-severity threats. 

It is integrated with Microsoft Defender. Once we have sold the Defender suite to a client, we integrate that with Huntress. Huntress is the EDR and also the MDR portion to manage any sort of alerts that arise.

Huntress has helped reduce the need for expensive security tools or to hire expensive security analysts. Our techs may or may not need to have a very high level of skills. We are also using Huntress as a tool to help us to answer some of the questions. It empowers the techs, and at the same time, we are spending less money.

Huntress has improved our security dramatically. Especially seeing that there is a growing need in the security space, we wanted to make sure that we have a good partner to work with.

The endpoint protection is definitely the most impactful feature for clients.

It just works. It is a set-it-and-forget-it type of solution.

There should be more engagement with the MSP group or their largest clients. They should have focus group discussions on what they can do to improve the product. A more transparent way for the support team at Huntress and our IT team to collaborate to make it faster and easier would be beneficial. It does not mean that the current support team is not doing its job, but if you look at the marketplace, the selling point of one of the competitors Blackpoint Cyber is a more cohesive work-as-a-team approach when it comes to support. I have heard that other MSP businesses using Blackpoint find it to be a much better experience in comparison to Huntress. While we are happy with Huntress, that is one area that everybody is saying can be improved.

I have used the solution for about a good four years.

I have not experienced any lagging, crashing, or downtime. Adding the load on the endpoints, like any security solution, makes the system slower, but we explain that to the client beforehand.

It is pretty easy to use.

We did not use any solution previously. 

It is working for us, so we do not want to change.

It is a cloud solution. The initial setup is relatively easy. It probably took a couple of hours per client, and all deployments were done.

The implementation is a one-person effort.

I would advise talking to them and engaging with the team. Figure out what is needed to support clients. Huntress is not for everyone. Understand different clients' requirements, and do not be thrown off by regulatory changes. We are a Canadian MSP business, specifically legal. We know the business needs well. You need to know what you need. Hunt for it. Huntress works for us but may not for everyone. 

Overall, I would rate it a nine out of ten.

The client had likely experienced ransomware attacks and wanted to adopt a more proactive approach to address such threats. They needed a solution that would minimize downtime and avoid disruptive incidents. 

Testing Huntress improved our organization by enhancing service offerings. It gave us the confidence to approach clients and present a solution well-suited for those seeking basic and advanced options. It positioned Huntress as an ideal, lightweight MDR solution. Additionally, we generated a decent amount of income from it.

First and foremost, I appreciate the team's expertise in finding the solution. For example, one of the lead researchers, has a public presence and a YouTube channel, demonstrating a high competence level within the research team. It instilled confidence that they would effectively detect and address threats.

Second, Huntress responded very quickly during testing—within about ten minutes. While this speed might not always be guaranteed, the prompt response during my mock tests, where they successfully locked down the machine, showcased their efficiency and accuracy.

Additionally, we are an MSP, and the pricing model Huntress offers works very well for us.

Finally, the reports provided after an incident are very thorough. They offer a clear and detailed description of the attack, which reassured me of its effectiveness.

The product could be improved in terms of customization options available for reports. Specifically, there should be more granular control over report scheduling and the ability to include more specific information.

I have used Huntress for six to seven months.

The product is stable.

Our clients have 150 Huntress users in the entire organization. Regarding the number of users I could serve, I rate the scalability a ten out of ten.

The technical support services are good.

Positive

The initial setup was straightforward. It took a few minutes to complete the process.

I implemented the product for the client's entire organization.

We received around 200% return on investment using Huntress.

For example, if the platform's price was $1 per annum, we charged $3. However, that includes all the reporting, account management, and other services.

While the product did not directly reduce costs, as there was already an existing solution, it did help by eliminating the need to hire a dedicated security analyst. It meant we could avoid adding that headcount to our business, saving on potential additional expenses.

It may have reduced costs by approximately 50 % compared to our previous solution. The one we were using involved paying a company based in Malaysia that utilized a specific piece of software to deliver their service. Switching to Huntress brought our costs down by 50%.

It has saved us a significant amount of time in terms of reporting. The reports generated were already comprehensive, so we only needed to configure them to be sent to the account manager and the company's resident IT staff.

Another significant time saver was the ease of installation. We could effortlessly integrate it into our existing remote monitoring and management (RMM) system and deploy it to the machines. This contrasted with our previous solution, which did not support unattended installations. We had to arrange for someone to install it on each machine, even if it was remote, requiring scheduling and user notifications. The client had around 100 to 150 machines, so this process was very tedious.

I rate the product pricing six out of ten for the Malaysian market. However, I would rate it a three out of ten for the Australian, New Zealand, or Singapore markets.

Huntress is easy to use. It immediately improved visibility and understanding of our security posture.

It is a good solution for small and medium-sized businesses (SMBs). It is quite effective in the context of the SMB market and for managed service providers (MSPs) deploying the solution. It is easy to install on machines and fits well within the price range for companies that might be using Microsoft 365 but have yet to be ready to move to Business Premium.

It also manages standalone Microsoft Defenders, which adds a unique advantage. It provides a holistic approach, helping us tap into the telemetry from the existing antivirus on Windows machines, providing a more comprehensive solution.

We had to use some other solution alongside Huntress. This client was using Bitdefender as a standard antivirus. If a client wants to stop using Bitdefender, we recommend using Microsoft Defender.

Our team uses some degree of AI to help them work through the telemetry they collect.

I recommend the product to others and rate it a ten.

This is the tool that we use to keep our devices, the endpoints, protected.

In the beginning, we were using two antiviruses. The first one was Webroot, and the other was Huntress. At that time, we noticed that Huntress was not compatible with iOS devices, with Macs, so we used both services - Webroot for Macs and Huntress for Windows. 

I feel very protected. I feel really good having Huntress on my computers. There are certain antiviruses we installed before that basically would never detect anything. I also had a ransomware case when a client used a different antivirus. With Huntress, I've never suffered any attacks. 

The antivirus protection is very good. With other antiviruses, when you scan the computer, it shows you what was found. However, for Huntress, they don't just show you the threats—they also give you recommendations. There's a simple button you can click to apply the remediation. You don't need to go and do it manually for the most part. 

It's pretty straightforward to use. You don't need to spend a lot of time troubleshooting the alerts, and its ease of use is great. I'd rate usability nine out of ten.

Huntress is a really good choice for small and medium-sized businesses since it's pretty easy to use and doesn't consume too many resources. In the past, we had some issues, for example, with Webroot. There were certain situations when, for some reason, WebRTC consumed a lot of resources, and that was a pain for the clients. We never had this kind of issue with Huntress. 

It's pretty easy to install and deploy. It has a lot of reports. The way they show the reports is pretty good and easy to understand for the client. In the past, when clients received reports, they did not understand. We don't have to explain Huntress reporting. 

We saw the benefits of Huntress pretty quickly. Once it started detecting threats, it was great. When I first started using Huntress, I started comparing it to other solutions were using, and I could see how beneficial Huntress was. For example, you can see what it's doing, and also you can see when it's complete in real-time. 

The solution is fully managed by Huntress 24/7, which reduces our workload when managing and triaging alerts. It's a great feature. 

Huntress can remediate low-severity threats automatically and take certain actions automatically. For example, if the antivirus detects ransomware, it isolates the computer automatically. I don't need to do anything. I received only the alert that said the computer was isolated. Then, I usually need to check the logs and see if I need to do something manually or something similar.

Huntress helped to reduce the need for expensive security tools or higher expensive security analysts. In fact, we had conversations on how to reduce costs as an MSP. They reviewed the number of seats we have, and they offered us a new plan with better with less cost.

Not every time, but sometimes when we click on the remediation, the auto-resolution of the alert, the screen gets stuck, and I need to contact support so they can confirm the remediation was applied, and they have to close the ticket.

Maybe they can add a way to remove unresponsive agents. For example, if I have a client with ten devices, and I deploy Huntress in those ten devices, and for some reason, one device has maybe two or three months offline or not running, maybe they can add automation to remove the agent after a certain amount of time. That way, I will not be paying for a device that has been offline. We do have audits to avoid this. However, it would be useful if the process was automated. 

In the beginning, we used other antiviruses. If you install SentinelOne or WebRoot, if you check the device, you will see Huntress is installed, however, you will see it is not doing anything since he other antivirus is installed.

I know that Huntress has a beta version for Macs, so it is not fully deployed or released. We're waiting for the final version to use it on our Macs. 

I've used the solution for four years. 

I'd rate the stability eight out of ten. Most of the time, it's working fine. I'd just like it to be fully compatible with all of our OS. For example, we've had clients that use a special version of Windows for a POS, and Huntress isn't fully compatible. 

I've never had issues with the scalability. 

Not all antiviruses have 24/7 support or management. There are some cases where I read the logs, and I have to contact Huntress support, and they are always available. I never wait more than maybe ten minutes to get support. They always help me with the issue without problems. They are always giving me solutions.

This is the best support I have used. 

Positive

We have also used WebRoot. Huntress is better as the support team is great and I have less issues with the solution. I've had trouble installing and uninstalling WebRoot.

We always install Datto RMM first manually. Then, we share the link with the client. They install Datto RMM, and then we use that to deploy Hunteress. It's pretty simple. It only takes a few minutes to install. A single technician can deploy the solution. 

The pricing is a little bit high. However, I understand the service is better. They offer different plans according to tiers. If you have more devices, you get better pricing. 

We're an MSP and have a lot of relationships with many vendors. 

I'd rate Huntress nine out of ten.

I'd recommend users give Huntress a chance. The MSP portal is free to use and it has a lot of integrations.

We are a Managed Service Provider. We use the solution to offer extra protection to customer machines. 

Huntress helps us replace traditional antivirus solutions with an EDR. I like how easy it is to use and deploy. Support is good- they've responded quickly when I've had issues. I like it a lot so far. It reports valuable information and filters out things I don't need to know.

The solution is easy to learn. I like the scanning it does for M365. We use Datto RMM for remote machine support. Huntress has a built-in component for Datto RMM that we can deploy immediately. I can push Huntress out to machines in about eight minutes. It does what it's supposed to do, which is amazing.

The tool is suitable for small to medium businesses. It monitors everything going on with their machines and their Microsoft 365 tenant if they have one. Even if they don't have their IT department, it can help flag issues.

The main benefit our customers see is the additional security Huntress provides. We've found that it reports many password files people save on their machines. For example, it might find a Word document full of passwords on someone's desktop. Just highlighting that this is happening is a valuable part of the service.

Previously, I had to go through all the alerts myself and figure out what was important and what wasn't. Now, my time is freed up to deal with the important alerts. I don't have to spend time finding what's important - it's already right before me.

It highlights when new mailbox rules are created in Microsoft 365, which helps us spot breached accounts. It also finds valuable password files on machines. This is one of the biggest security risks—if someone gets into a machine and finds a password file on the desktop, they can easily access things they shouldn't.

We could see the solution's benefits from the very first minute of its deployment. 

I'd like it if Huntress could scan for software that's out of date or has open vulnerabilities. That would be useful for us. Scanning for vulnerable software would be helpful. Also, we've set it up to create a ticket in our ticketing system when there's an alert. It would be nice if closing that ticket would also close the Huntress alert. It doesn't do that right now, but they're working on adding that feature.

I have been working with the product for a few months. We are a new customer. 

I haven't experienced any downtime. 

My company has around 1300 endpoints. The solution is scalable. 

We previously used SonicWall Capture Client for EDR. But it's not the same thing as Huntress. I don't think I could compare them. I'd say that Huntress is completely new in how we use it.

Since we use Datto RMM, we just had to add their components and a secret key from our Huntress site. Then, when we deploy the agent, it communicates with the Huntress site, and all endpoints appear there. The whole process takes around 15 minutes.

It's not difficult to maintain. I've set it up so that if a machine hasn't reported to Huntress in 30 days, it automatically removes itself from our site. So, it maintains itself. I've also set up a recurring job to check that it's installed on all the machines it should be on.

We did the deployment in-house. 

The solution is cheap compared to other alternatives. It offers good value for money. For the whole solution, it's up to about five pounds per device per month. Considering what it does, I think that's very good value.

We evaluated Seceon and eSentire. We chose Huntress because it was easy to deploy and does what we need it to do. eSentire seemed more hands-off, but with Huntress, we can handle the problems it flags ourselves. Seceon was hard to set up. 

If you are unsure about the solution, try to get a trial and see what it does. I rate it a ten out of ten. 

We use Huntress to monitor our internal and customer systems for security vulnerabilities.

We chose Huntress for its 24/7 managed detection and response services.

Huntress is deployed entirely in the cloud. We use the Huntress portal to manage it and our RMM tool to distribute the agent to our devices.

Huntress is a great option for the SMB market. It's competitively priced and offers good value for the money, making it one of the most cost-effective security solutions available. Its team is highly qualified and delivers a quality product at a price point that fits the SMB budget. Enterprise tools can often be overly complex or expensive, and Huntress effectively addresses both of these concerns.

It's extremely easy overall. We deploy the agent and it takes care of the rest.

Huntress enhances visibility into endpoint activity by monitoring running processes. It employs a 24/7 human response team to analyze alerts from both the Huntress agent and Windows Defender Endpoint Protection. This team can then choose to isolate suspicious activity and limit its impact if deemed malicious, or escalate the case for further investigation.

Some endpoint protection solutions may miss early warning signs of suspicious activity, such as unusual system behavior or potential footholds for attackers. This is often the case when deploying such solutions to new customers. However, it's important to remember that malicious activity doesn't happen every day in every environment. So, for some customers, its value might not be immediately apparent. It might take a few years before a serious incident occurs, highlighting the need for Huntress' detection and response capabilities. Therefore, the timeframe to see the benefits of Huntress can vary greatly.

The fully managed service has certainly reduced the effort needed for handling alerts from endpoint protection solutions like Windows Defender. Eliminating the need to deal with false positives has been a significant benefit, greatly reducing our team's workload. Additionally, the SOC within the service effectively handles after-hours issues, minimizing the impact on our on-call staff.

Instead of relying on expensive endpoint protection software, we successfully leveraged the built-in Windows Defender in conjunction with the Huntress agent. This combination, in our opinion, represents a significant improvement over using a potentially more robust but costly solution alone. The key advantage lies in the added human element: Huntress' 24/7 monitoring and endpoint isolation capabilities. This approach has demonstrably improved our security posture. However, it's unclear whether it fully eliminates the need for a high-cost security analyst. While Huntress certainly reduces expenses associated with lower-level resources tasked with the initial triage of false positive alerts, its impact on the role of a specialized security analyst remains to be determined.

It has improved our overall security significantly. It adds another valuable layer of protection and provides greater visibility into endpoint activity. Perhaps the most significant benefit for us is the true 24/7 coverage. While our staff has extended hours, there's a gap overnight when no one is actively monitoring for security incidents. When time is of the essence, as it often is in cyber situations, having someone from Huntress available to instantly respond by isolating threats is invaluable. This service is certainly more cost-effective than attempting to staff our team for round-the-clock coverage.

Our security started improving immediately after deployment. It began searching for pre-existing footholds or remnants of other malware that may not have been fully cleaned up from previous infections. The 24/7 SOC provided instant benefits—knowing we had that extra layer of protection with dedicated experts watching our systems was a reassuring feeling.

The most valuable aspect of Huntress is its 24/7 SOC service. If something suspicious is seen on an endpoint, even in the middle of the night, there is always someone available to react quickly and isolate the endpoint to mitigate the potential spread to others. 

Huntress' Process Insights feature could benefit from more robust search and filtering capabilities. Currently, it's quite basic, offering only a single search bar with limited granularity. Additionally, the data retention period is short, with access restricted to three days. While the SOC team can export a week's worth of data, extending this period to at least thirty days would be highly beneficial.

Overall, we're generally satisfied with the solution. However, deeper integration with other endpoint protection platforms would be valuable. Ideally, Huntress should be able to ingest alerts from systems like CrowdStrike and conduct investigations similar to CrowdStrike's offerings. This would be particularly useful for us as a CrowdStrike partner.

I have been using Huntress for three years.

Last week, we encountered an issue with the Huntress agent. Essentially, there are two components: the core Huntress agent and the Rio agent, added later about a year into our partnership for process insights. While Rio is valuable, we experienced a communication gap regarding its functionality.

If Rio shut down for any reason e.g., computer reboot, or agent update, it wouldn't restart properly, creating a blind spot for the Hunter team as no data was transmitted. This issue emerged within the past two weeks and took a few days for Huntress to identify and resolve.

Overall, the platform is generally stable, but we've faced some bumps in the road. One issue involved unclear communication about agent check-ins, and the other was the recent Rio shutdown problem.

Huntress scales very well. We've grown from approximately 9,000 to 17,000 endpoints, and I haven't encountered any scalability issues.

We're generally very pleased with the technical support. They respond promptly via chat, and if the frontline team can't resolve an issue, they escalate it swiftly. In one instance, their SOC analysts even helped us investigate malicious activity at our endpoints, something that deeply concerned us and our customers. In that situation, they truly went above and beyond to assist us.

Positive

We previously used Webroot, but it was ineffective at stopping the latest ransomware threats. That was the main reason we switched to Huntress. We replaced Webroot with the built-in Windows Defender plus the Huntress agent, and together they proved significantly more effective at stopping those threats than Webroot alone.

The initial deployment was smooth. However, we realized a gap in our internal processes and understanding of how to respond to different alert levels.

Our deployment was rushed due to signing the agreement during the Log4J vulnerability outbreak around Christmas 2020. The widespread threat forced us to prioritize deploying the Huntress agent quickly instead of following a slower, more deliberate approach to replacing Webroot.

Fortunately, the Huntress agent seamlessly integrates with other endpoint protection solutions. This allowed deployment without disrupting existing protection or leaving us vulnerable during the transition.

The additional 24/7 SOC visibility without replacing our current endpoint protection has been immensely valuable. While deployment was simple, we identified the need to refine internal processes and response protocols for different alert levels.

We had a small team, perhaps two or three people, working on the deployment. In all honesty, it could have been done by a single person. Our deployment process is streamlined, and we have a large customer base. As a mid-sized MSP with over two hundred customers at the time, we had the manpower to spare. However, thanks to scripting and RMM tools, even a single individual could theoretically deploy Huntress to a large number of endpoints with ease.

Being an MSP, we implemented the solution internally.

Huntress is priced fairly for the services and value it provides.

I would rate Huntress nine out of ten.

Our team occasionally uses the automatic remediation feature for low-severity threats, but we don't heavily rely on it. When it comes to endpoint protection alerts, we prefer a more hands-on approach. Despite using automatic remediation to some extent, the feature's impact on our workload has been minimal.

The biggest maintenance challenge with Huntress is the potential for certain firewalls, especially Fortinet models depending on their enabled features, to block communication from the agent on the endpoint back to the Huntress portal. This blockage isn't apparent from the endpoint itself. While the Huntress page might appear installed and running, the agent might have only checked in initially and stopped sending data. After a month of inactivity, Huntress removes the agent to prevent the portal from becoming overloaded with inactive agents. This creates blind spots in our monitoring, as we remain unaware of the missing data. Addressing this challenge has been difficult, as we rely on our RMM tool for endpoint management and strive to maintain a consistent active list. Continuously comparing this list with the Huntress portal to ensure they match has proven frustrating.

When using Huntress the most crucial aspect is training our internal staff on how to respond to different alert levels. These levels typically fall into three categories: low, high, and critical. It's essential to have a clear action plan or standard operating procedure outlining how our team should handle each alert type. Additionally, basic training on the Huntress portal is recommended. The portal has various pages, modules, and tabs, so familiarizing our staff with navigating and interacting with it is crucial. This includes skills like isolating endpoints, removing isolation if necessary, and utilizing provided remediation tasks or manual remediation if preferred. Implementing these measures will significantly improve our incident response capability.

Over the years, Huntress has gained many features, but initially, it was the foothold detection that drew us to the solution. It excels at uncovering persistent threats that evade other security measures. Our staff often compares it to a baseball backstop: you might not hit every pitch, and the catcher might miss a ball, but the backstop is there to prevent a disaster. In the same way, Huntress acts as a safety net, a team of experts searching for threats that slip past other security layers.

We observed threat actors continually refining their attack methods against the managed endpoints of our diverse clientele. We sought a security tool that avoided exaggerated claims of absolute protection. We understand that perfect security doesn't exist. Instead, we prioritized finding a partner with integrity and a genuine commitment to the SMB security mission, both for our clients and the broader community. Even before becoming an investor and customer, Huntress impressed us with their educational approach. They actively engage the MSP community, providing valuable knowledge, training, and insights into current threats. Their focus on raising security awareness before securing contracts resonated deeply with us. We admire their company culture and approach.

Our client base presents a mixed deployment landscape. Some, particularly those in manufacturing, maintain significant on-premises infrastructure. In contrast, others have fully embraced the cloud and haven't adopted serverless technologies like the ones we offer. Therefore, our platform must cater to this diverse range of deployment models.

Huntress was likely the easiest tool we've ever deployed. It's low-touch, and we didn't anticipate any problems. The worst-case scenario would be an issue with their internet connection, but otherwise, it requires minimal interaction with the machines. Users are unaware of its background operation; it doesn't make changes or enforce rules initially, making the rollout very smooth. We even deployed it internally before broader implementation to familiarize ourselves and ensure it wouldn't cause any harm. My confidence stemmed from its ease of use and the high quality of its product.

It is a cost-effective solution for the SMB market. It allows us to keep our costs competitive while ensuring optimal protection for our clients. Additionally, it instills a sense of quality and reliability in our operations. After all, we are human, and mistakes are inevitable. Huntress provides peace of mind for the MSP side by helping us mitigate those potential oversights.

We observed the benefits of Huntress within the first two weeks of deployment. We discovered several previously unknown aspects of the managed environment. Subsequently, after implementing the change to simply push them out of their base stack, we were able to quickly identify well-responding machines, those requiring attention, and malfunctioning Wi-Fi protection. This process effectively illuminated areas requiring improvement from a management perspective.

The fact that the Huntress system is managed 24/7/365 is extremely helpful for our workloads. Our staff typically works from seven in the morning to five in the afternoon, so there's only a small overlap with Huntress' coverage. However, we greatly benefit from them keeping an eye on things and being able to alert us in the middle of the night if something suspicious happens. We're very thankful for their round-the-clock monitoring, as it saves us from having to keep our staff up late or hire additional workers for overnight hours. This, in turn, saves us money on labor costs.

There’s a feature that allows us to automatically remediate low-severity threats, and we have enabled it for certain clients. This feature has significantly reduced the number of minor issues that our SOC team would usually deal with, freeing them to focus on higher-level threats and more strategic tasks.

Huntress has significantly improved our security posture. Their team provides exceptional vigilance, staying informed about emerging threats and tracking the tactics of bad actors. We've seen numerous instances where they've detected threats just as they activated. In some cases, we simply isolated the affected machine, while in others it didn't require such immediate action. Remarkably, a month later, the FBI contacted us to inquire about one of these potential threats. Fortunately, thanks to Huntress' swift intervention, there was no actual danger. This experience highlights their cutting-edge expertise, not just in technology, but also in understanding the evolving tactics of cybercriminals. They consistently stay ahead of the curve, or at least keep pace with, the ever-changing threat landscape.

Huntress helps to reduce the need for expensive security tools and analysts. We have a superior base layer compared to just offering a standalone product. While it is a tool, it's also a product and service that includes access to the Huntress team's expertise. Their threat operations team monitors potential threats, so we don't need to dedicate our own time and resources to analyzing logs and information. They essentially do it for us.

Finding cost-effective security partners is crucial, as we navigate competing demands. Some clients expect high effectiveness and demonstrably high value, while other vendor tools see rising costs. It's key to identify partners who deliver demonstrably good value for our investment, maximizing our effectiveness through optimized time and resource allocation.

We begin to see improvements in our company's security within two days of deployment. Pushing the installation requires minimal effort. Typically, suspicious activity becomes apparent within the first 24 to 48 hours, which the system highlights immediately. After a week or two, the system learns usage patterns and adapts to the environment, providing us with a comprehensive understanding of our security posture. By then, we've proactively addressed any identified issues, resulting in a swift and efficient security monitoring process.

Foothold detection is a valuable feature, acting as a valuable second set of eyes for both us and our clients. However, what truly convinced us to make it a core part of our security stack, instead of just deploying it selectively based on specific needs, was Huntress' introduction of Managed AV. This allowed us to replace our basic antivirus solution often Windows Defender for our predominantly Windows environment with a more robust option managed by Huntress. Managed AV essentially made Huntress our new baseline antivirus, replacing Windows Defender, while still allowing us to utilize premium solutions like SentinelOne for specific situations. Ultimately, this shift enabled us to expand our footprint from around 400-500 machines to an impressive 4,600.

I'd like Huntress to implement a component that can analyze network traffic for specific sites. This involves deploying network sensors that monitor beyond just endpoint data, which they currently gather, and identity information through their 365 integration. This additional layer would offer site-level visibility, allowing us to detect suspicious traffic even on devices where the Huntress endpoint agent can't be installed. For example, in manufacturing environments, network devices and IoT devices might not be compatible with the agent. Comprehensive site-wide visibility would significantly enhance our security posture.

I have been using Huntress for around four years.

Huntress is stable. We have not encountered any issues.

Easy scalability that requires minimal time investment from us. Their platform readily handles our needs.

We've been using their service for years now with minimal technical issues. However, I've contacted their technical support several times, usually regarding security-related alerts. In some cases, it was a matter of needing clarification, while other times we simply couldn't find the relevant documentation. We wanted additional information about these alerts to improve our understanding and prevent future issues. Sometimes they get busy and their response time is slow but the quality of their service is great.

Positive

Previously, we used a variety of security solutions, but none specifically addressed the gap where users require items to be forwarded to other security layers. We solely relied on antivirus software or various EDR solutions at the time. We simply made the most of those tools available. Huntress did replace antivirus programs like Bitdefender and Webroot for us. Because we could utilize Managed AV, we no longer needed those other products. In that sense, it did take their place. However, Huntress entered the market to fill a previously unmet need and created a new market segment.

The initial deployment was smooth, even when we encountered some misalignments between our expectations and reality, or when we had to adjust initial assumptions. Fortunately, we were able to rectify these issues quickly by modifying the agents. For example, if an agent was assigned to the wrong client, we could make a prompt correction.

Overall, the deployment was very straightforward thanks to the ease of using PowerShell. The developers did a fantastic job making the process as user-friendly as possible.

One person was required for the deployment.

We handled the deployment internally, leveraging our existing RMM tool which already manages and deploys other software.

Huntress boasts a high return on investment. This translates to needing fewer staff dedicated to analyzing security tools, which is a significant benefit for us. Consequently, labor costs associated with incident monitoring decrease. Additionally, it provides a dedicated Security Operations Center team that continuously monitors for threats. Essentially, it's like getting two solutions for the price of one. I imagine the reduction in personnel costs would at least cover half the expense of incident investigation and response, which are typically more costly with other solutions. Overall, the ROI from Huntress is evident in our daily operations. The peace of mind and improved sleep Huntress brings are invaluable.

While other options have emerged since Huntress' arrival, I believe it still offers the best value for the features and services it provides.

Many alternative security solutions originated from the enterprise market, resulting in high pricing that didn't fit our MSP pricing model for smaller clients. Additionally, while existing antivirus vendors offered bolted-on MSP options, standalone SOC services often lacked cost-effective models per endpoint. At the time, nothing quite like Huntress existed in the market.

I would rate Huntress ten out of ten.

Huntress is doing exactly what we need. However, we haven't fully explored its potential for expansion. Previously, my main request was Microsoft 365 integration, which they are now working on. We're currently conducting some early pilot tests with it. In essence, that integration addressed the major gap I identified.

Most multi-tenant tools involve a dashboard, user interface, and the ability to create sub-organizations or child accounts. Each child account has access to all purchased products under its parent account. The key requirement is ensuring machines are accurately tagged to their respective companies. While infrequent, maintaining these tags involves verifying their correctness and fixing minor issues, such as typos or inconsistencies. This applies to most multi-tenant tools, not specific to Huntress. However, Huntress simplifies this process compared to other solutions. Unlike requiring uninstallation or redeployment in other tools, Huntress allows seamless correction and movement of tagged machines, minimizing errors and streamlining management.

As long as we understand the platform's capabilities and the value it provides, we can avoid any misconceptions. I believe many MSPs tend to get overly excited about any new tool. We've faced similar challenges in the past, so it's crucial to remember that this isn't a "deploy and forget" solution. While the platform simplifies the process significantly, some effort is still required on our end to ensure proper configuration before deployment. It's more of a "set it and manage" tool compared to the others we use. Therefore, understanding the product, its position in our security stack, and how it complements existing tools is essential. We need to know how to explain its role and support it effectively for our clients. That's the key takeaway. Knowing its place in the security stack is fundamental.

It integrates seamlessly with RMM, making it easy to roll out and use. Many fixes are automated, so you can approve them and let the system handle them, avoiding the need to go through individual steps. If something serious comes up, they proactively make phone calls and lock things down in advance. It simplifies my job rather than adding it.

It has improved my organization by making things easier.

After deployment, it takes some time to scan and process everything. Huntress has effectively flagged issues such as password files on desktops, which it identifies as low-level alerts. It also handles more significant threats effectively. The system runs in the background and uses sample files to detect ransomware attacks quickly. If an attack occurs, Huntress can isolate the affected machine promptly. We noticed benefits and problem-solving capabilities within the first week.

I had been requesting Huntress support for macOS for a while, and they recently rolled it out, making it generally available within two months. Having a regular support line would be good.

I have been using Huntress for a year and a half or two.

There are no issues with stability.

This solution is used by 400 machines. It scales independently. When we add clients to our RMM, the script runs every night and automatically adds Huntress to the new clients and their machines.

Support was quick. They made it easy for us to get assistance when needed. They responded promptly to our inquiries about upcoming products and provided timely support to get things rolling. We were tweaking our scripts, and they directed us to their repository of scripts and resources. When I encountered an issue, they suggested hopping on a call to walk me through it rather than just relying on chat. They resolved the issue relatively quickly.

Positive

Huntress provided ease of use and a lower spend. The sales team was supportive throughout the process, not just during the initial setup. They helped with scripting and ensured we were fully operational before stepping back, which made things much easier for me.

The pricing is great.

Their minimum spend is quite low, unlike some vendors that require $500 or $1,000 a month. It's around $50, so you can start with just a few clients if you're new or scale up if you're larger. Their products integrate well with our existing systems and perform effectively.

I’ve worked with some vendors whose implementations were so complex that managing the solution required almost a full-time person. In contrast, Huntress was straightforward to deploy. You set a few permissions, and then it just runs in the background. This simplified things and made managing the software much easier.

Huntress is largely set-it-and-forget-it. The only real maintenance involves handling remediation for attacked machines rather than ongoing upkeep. The recent addition of Mac support required a new script.

Overall, I rate the solution a ten out of ten.

We use their EDR platform and their MDR platform. By implementing Huntress, we wanted to add another layer of security to our workstations across all of our clients.

Threat protection on the endpoints and great customer support are some of the benefits. There is a great vendor relationship. We could see its benefits pretty immediately. They work well with you. They are very attentive, and they make sure that their partners get whatever support they need.

It has reduced the triage time. When they do find an alert or an issue, many times, they post an accurate resolution, so my technicians do not have to investigate to determine a resolution. It is already outlined for them.

Huntress has the ability to automatically remediate low-severity threats. We use this feature in some cases and not in all cases. It works well when we have used it. It has impacted our workload and security. The faster you can fix the security issue, the better off you are.

Using Huntress has helped reduce the need for expensive security tools or to hire expensive security analysts. It is important. It is hard to maintain a security staff.

We are much more secure today than before starting to use Huntress.

It is very easy to use. It is a great solution. They are one of the better vendors that I have ever worked with since I have been in the industry.

Their EDR can have increased coverage for Macintosh. They do not fully secure Macintosh computers.

We started with them at least four years ago.

I have not seen any stability-related issues so far.

It is very scalable.

They are very good. They are very fast to respond, especially in emergencies. They have great support. I would rate them a 10 out of 10.

Positive

We were using Bitdefender. We switched because Huntress was more comprehensive and had 24/7 SOC.

We use their cloud portal, and we deploy from there. I was involved in the initial vetting of the product and the vendor, but I was not involved in doing the installation.

In terms of maintenance, when updates need to be pushed out, we make sure that they are pushed out. They normally get installed automatically. We have a tech person who daily makes sure that everything is okay in the portal. There is no real maintenance. There is nothing that we would not do for any other vendor.

After deploying Huntress, we could immediately see improvements in our organization's security.

It works well for an MSP.

We evaluated Blackpoint Cyber and SentinelOne. We chose Huntress just because of what they offered. Blackpoint Cyber and SentinelOne are great products. It was a hard decision between the three, but we chose Huntress.

Those evaluating this solution can research it online. They can ask their peers or just contact Huntress. They will guide them through the whole process.

I would rate Huntress a 10 out of 10.