No more typing reviews! Try our Samantha, our new voice AI agent.
Senior Systems Engineer at NetSmart, Inc.
Reseller
Top 20
Feb 7, 2025
Provides responsive support and efficient threat resolution
Pros and Cons
  • "Their SOC is super responsive and does a great job of catching incidences and being on top of any issues that arise."
  • "The ITDR product is coming along great, however, we are still getting many false positives."

What is our primary use case?

We are using it as an MDR, EDR, antivirus product. We are also utilizing their Microsoft 365 ITDR, which is the new name, and their security awareness training platform. The only product they offer that we do not use currently is their SIM tool. It is on our radar and our roadmap, but we are not using it.

What is most valuable?

Their SOC is super responsive and does a great job of catching incidences and being on top of any issues that arise. They have an automated remediation tool that works well for both ITDR and EDR. It allows approval of remediations, performs all the necessary steps, verifies them, and resolves issues efficiently.

What needs improvement?

The ITDR product is coming along great, however, we are still getting many false positives. A lot of user accounts get locked out over nonissues, and while they are easy to resolve, someone still needs to take action. It is time spent by a technician.

For how long have I used the solution?

I have been using it for a little over two and a half years, coming up on three years.

Buyer's Guide
Huntress Managed EDR
June 2026
Learn what your peers think about Huntress Managed EDR. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.
903,067 professionals have used our research since 2012.

What do I think about the stability of the solution?

I have never had a problem that was Huntress's fault.

What do I think about the scalability of the solution?

It is pretty scalable. I am currently running a little over twenty-five hundred endpoints without any problems or concerns about managing that number of computers.

How are customer service and support?

If I contact support, it is almost immediate. They respond quickly and work with me until the problem is fully resolved. They are thorough and ensure the problem is addressed without pushing responsibilities onto me unnecessarily.

Which solution did I use previously and why did I switch?

Previously, we used SentinelOne, Webroot, and BlackPoint. I switched since I have tested SentinelOne multiple times and could bypass it. BlackPoint generates many false positives, taking more time to manage than Huntress.

How was the initial setup?

The initial setup process was smooth. We were provided with an engineer who wrote a script based on our current structure and remote management software. This script allowed easy deployment, and Huntress's support ensured everything went smoothly.

What about the implementation team?

We were given an engineer who sat down with us, understood our current setup, wrote a script for deployment, and did all the backend work necessary for a smooth deployment.

What's my experience with pricing, setup cost, and licensing?

The pricing is piecemeal, per agent on EDR, MDR, and per user on ITDR. It can get expensive for small to medium businesses if large license quantities are not purchased. However, given Huntress's success rate, I am willing to pay for a product that performs well.

Which other solutions did I evaluate?

The alternatives I have used include SentinelOne, Webroot, and BlackPoint.

What other advice do I have?

I rate Huntress an eight out of ten. I prefer using it over other security tools because it has been reliable and efficient in catching incidents and isolating threats quickly.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: Reseller
PeerSpot user
Nick Mrotek - PeerSpot reviewer
Service Delivery Manager at Netirio
Real User
Top 5
Aug 1, 2024
Helped us to reduce the need for expensive security tools
Pros and Cons
  • "Huntress helped us to reduce the need for expensive security tools or expensive security analysts. That's very important, especially with us being a a smaller business. Not having to purchase larger software has been great."
  • "The integration with our RMM could be better."

What is our primary use case?

We use the solution as our antivirus.

How has it helped my organization?

We were looking for a more lightweight solution for an antivirus. We've had some in the past that have been really hard to either install, uninstall, and work with. Huntress integrated right in with Microsoft Defender, and it worked perfectly.

What is most valuable?

The automatic remediation is the most valuable feature for us. It works great. If our team can't look at an issue exactly at the moment, it's just good to know that there's Huntress that can come in and be able to remediate most, if not all, issues. If there's something that needs a further look at, we can automate the alerts. It's proven to be a lot more efficient than other antiviruses we've worked with in the past.

It's easy to use Huntress overall. I haven't had too many issues. I haven't really had to contact or support with anything. So far, so good.

Huntress is a solution tailored specifically for the small and medium business market. It sits on top of Windows Defender, so you do not have to have either expertise or other software. It works well as a standalone client. 

Removal, specifically, has been very, very nice. Others have been clunky when it comes to removing files or the application itself. Huntress has the uninstall option straight from the admin portal. That's been a great great feature.

We've witnessed the benefits of Huntress both immediately after we deployed it, and after some time. The ease of use was noticed immediately. But then, eventually, when it comes to either losing a client or having someone who's left having to remove it from their machine, just having the ability to uninstall very seamlessly becomes very useful.

The solution is fully managed by Huntress 24/7. It's reduced our workload in terms of triaging or managing alerts. It's very much reduced the attention to detail that we've needed to have, especially since it's such a reputable company. We feel confident in having them remediate some issues so that we don't have to be looking at them all the time.

Huntress helped us to reduce the need for expensive security tools or expensive security analysts. That's very important, especially with us being a smaller business. Not having to purchase larger software has been great.

I don't know if our organizational security has drastically improved. However, it has done what it needs to do. We haven't lost security; we've maybe become more secure with it. That said, just having that presence of mind, knowing that we do have a very sophisticated team and product behind us, has been wonderful. 

What needs improvement?

The integration with our RMM could be better. That's been one of the tougher things. Having more availability to integrate with RMM is what we need right now. Even though we can create a script, it doesn't always work as seamlessly as it should. 

For how long have I used the solution?

I've used the solution for about a year. 

What do I think about the stability of the solution?

The stability has been great. We've had no issues. 

What do I think about the scalability of the solution?

I haven't had the chance to scale. However, there seem to be no issues with scaling up or down. 

How are customer service and support?

The availability of SOC-team support is great. They are friendly and offer good advice. It's not as big of a company as other solutions, yet the support team seems to be on top of things. 

In terms of ongoing support, there has only been one or two times when we wanted some further clarity on a remediation that had been completed. That was about it. The ease of communication is great. You aren't on hold and you aren't passed around to different people. Their support is pretty state-of-the-art.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We have previously used SentinelOne and Sophos. We switched over to Huntress completely and no longer use them. We primarily switched based on pricing.

How was the initial setup?

The initial setup was really easy. It just sits on top of Windows Defender, so it was very easy. After that, just configuring the the different profiles and policies that we wanted to apply had to be done, and that was a very easy process. The deployment itself took about a week. 

In terms of maintenance, so far, it auto-updates. 

What about the implementation team?

Might have had a third party assist in the implementation. 

What's my experience with pricing, setup cost, and licensing?

The cost-effectiveness of Huntress, compared to other solutions, is much greater. The pricing is good. It's where it should be.

Which other solutions did I evaluate?

We did shop around a bit. However, with the price, it was a pretty easy decision.

What other advice do I have?

I'd rate the solution ten out of ten. 

New users should mostly ensure that they know that this product is going to stand on top of Windows Defender and integrate with it. If someone is utilizing Windows Defender, they just need to ensure that they know that this product has to operate with Windows Defender to get its full capability.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer. MSP
PeerSpot user
Buyer's Guide
Huntress Managed EDR
June 2026
Learn what your peers think about Huntress Managed EDR. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.
903,067 professionals have used our research since 2012.
VCIO at a tech services company with 11-50 employees
MSP
Top 20
Jan 23, 2025
Delivers comprehensive endpoint protection and makes our lives easier
Pros and Cons
  • "The endpoint protection is definitely the most impactful feature for clients. It just works. It is a set-it-and-forget-it type of solution."
  • "Huntress has improved our security dramatically."
  • "There should be more engagement with the MSP group or their largest clients. They should have focus group discussions on what they can do to improve the product. A more transparent way for the support team at Huntress and our IT team to collaborate to make it faster and easier would be beneficial."

What is our primary use case?

We use it for our clients and ourselves. Huntress is a pretty comprehensive platform. Recently, they acquired the security awareness training platform, which helps us to fulfill our clients' needs regarding security. It has been pretty good. A lot of our clients are growing in this area. Traditionally, we have been using it for endpoint protection, which has been effective in many situations.

How has it helped my organization?

It is positioned very well for the SMB market. The most recent understanding that I have is that they are providing more visibility in the market. People are now seeing it as a product for security for many different reasons. The program is easy to use and easy for administrators as well. When it comes to security, it is similar to all the other players in town. Everybody says that they are an all-in-one sort of solution. From my perspective, Huntress is in the MSP space more than some of the bigger players such as CrowdStrike, and they are more successful because it is more MSP friendly. There is a lot of uptake on the growth of the product in general. CrowdStrike, for example, is a very mature product in the security marketplace, so they may or may not need to engage as closely as Huntress. Huntress also educates the group of people who use their product more than others, and that helps to deliver value through all the partners who are selling their product.

The endpoint protection is solid. One of the easiest things for us to do is to deploy the agent. It does not matter whether the client is infected or not infected. As soon as Huntress is deployed, it is good. It is easy for us to manage from our end. It tells us exactly what we need to see. It caught things that we could not catch with the traditional antivirus program. We have a way to tell clients that we have given them the greatest endpoint protection ever made, and it caught a few more virus programs. Would they like the deployment for the rest of their company? Most of the time, that is an easy sell on our end.

It has been making our lives so much easier. In the past, we had to spend hours and hours trying to look for the threat, whereas now, we can just put Huntress to immediately find out the threat and what needs to be done. Sometimes, some of the automatic remediations just happen without us even knowing, and we learn about it afterward. We also needed it because of the growing need for cybersecurity insurance compliance in Canada.

We use Huntress' ability to automatically remediate low-severity threats. 

It is integrated with Microsoft Defender. Once we have sold the Defender suite to a client, we integrate that with Huntress. Huntress is the EDR and also the MDR portion to manage any sort of alerts that arise.

Huntress has helped reduce the need for expensive security tools or to hire expensive security analysts. Our techs may or may not need to have a very high level of skills. We are also using Huntress as a tool to help us to answer some of the questions. It empowers the techs, and at the same time, we are spending less money.

Huntress has improved our security dramatically. Especially seeing that there is a growing need in the security space, we wanted to make sure that we have a good partner to work with.

What is most valuable?

The endpoint protection is definitely the most impactful feature for clients.

It just works. It is a set-it-and-forget-it type of solution.

What needs improvement?

There should be more engagement with the MSP group or their largest clients. They should have focus group discussions on what they can do to improve the product. A more transparent way for the support team at Huntress and our IT team to collaborate to make it faster and easier would be beneficial. It does not mean that the current support team is not doing its job, but if you look at the marketplace, the selling point of one of the competitors Blackpoint Cyber is a more cohesive work-as-a-team approach when it comes to support. I have heard that other MSP businesses using Blackpoint find it to be a much better experience in comparison to Huntress. While we are happy with Huntress, that is one area that everybody is saying can be improved.

For how long have I used the solution?

I have used the solution for about a good four years.

What do I think about the stability of the solution?

I have not experienced any lagging, crashing, or downtime. Adding the load on the endpoints, like any security solution, makes the system slower, but we explain that to the client beforehand.

What do I think about the scalability of the solution?

It is pretty easy to use.

Which solution did I use previously and why did I switch?

We did not use any solution previously. 

It is working for us, so we do not want to change.

How was the initial setup?

It is a cloud solution. The initial setup is relatively easy. It probably took a couple of hours per client, and all deployments were done.

What about the implementation team?

The implementation is a one-person effort.

What other advice do I have?

I would advise talking to them and engaging with the team. Figure out what is needed to support clients. Huntress is not for everyone. Understand different clients' requirements, and do not be thrown off by regulatory changes. We are a Canadian MSP business, specifically legal. We know the business needs well. You need to know what you need. Hunt for it. Huntress works for us but may not for everyone. 

Overall, I would rate it a nine out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Aaron Johns - PeerSpot reviewer
MSP Systems Engineer at A. B. M. Co., Inc.
Reseller
Top 20
Jul 24, 2024
It is easy to use, provides excellent value, and performance
Pros and Cons
  • "The features of Huntress that I found helpful are the one-click remediation piece and the ability for me to reach out to their customer service reps and get this under control when there is a threat."
  • "To enhance the platform, I suggest adding a feature to forward Huntress's recommended response directly to the client, ensuring their clear understanding of the gathered information."

What is our primary use case?

We use Huntress to safeguard our endpoints as an additional security layer complementing our traditional antivirus solution. If the primary antivirus fails to identify a threat, Huntress is a crucial backup that fulfills our security requirements.

How has it helped my organization?

The Huntress interface is relatively easy to use. I had little to no training and had not used Huntress enough to navigate its website or fully understand its use case. It was simple to use.

Huntress is great for small and medium business markets. The value is excellent as well. It is a cost-effective solution, and the integration pieces that we're using with it are phenomenal.

I saw the true potential of Huntress a month after we implemented it.

Huntress's 24/7 monitoring has been invaluable for triaging and managing alerts. The platform handles most of the monitoring, allowing us to focus on understanding the alerts, their nature, functionality, and the detected threats. This approach has significantly improved our efficiency in this area.

Huntress's ability to automatically remediate low-severity threats has streamlined our workflow process, making it faster to respond.

Huntress has helped us reduce the need for expensive security tools or to hire costly security analysts. We're not big enough to have a large SOC team, so this has helped us until we can reach that level of growth.

Huntress helps protect our endpoints when traditional antivirus is not enough. So, we will rely heavily on it when our traditional antivirus software does not catch the threat.

What is most valuable?

The features of Huntress that I found helpful are the one-click remediation piece and the ability for me to reach out to their customer service reps and get this under control when there is a threat. I see it as a great way to isolate and remediate on the fly quickly. We did have a use case for that recently that worked out well.

What needs improvement?

I requested Huntress customer support to implement a feature enabling me to email myself generated reports or alerts, which I could then forward to our client. While this specific feature was unavailable, Huntress customer service successfully assisted us in obtaining the necessary email information. To enhance the platform, I suggest adding a feature to forward Huntress's recommended response directly to the client, ensuring their clear understanding of the gathered information.

For how long have I used the solution?

I have been using Huntress for one and a half years.

What do I think about the stability of the solution?

Huntress offers super reliable and rock-solid performance. We have not encountered any troubleshooting issues or problems with the software; it works as expected.

What do I think about the scalability of the solution?

The cloud-based nature of Huntress management allows for exceptional scalability. We can easily add licenses or agents as needed, and we haven't encountered any scaling limitations thus far.

How are customer service and support?

I contacted Huntress technical support once about a ransomware attack, and they responded promptly and effectively. We contained the attack within an hour.

How would you rate customer service and support?

Positive

What's my experience with pricing, setup cost, and licensing?

The Huntress pricing is an excellent value for what the product provides. It's a managed EDR solution with fair features, and I think it's great.

Which other solutions did I evaluate?

We have considered other solutions. The other EDR solution we considered was SentinelOne. We did look at SentinelOne, but we did not make a choice.

I did not choose Huntress. When I started a year and a half ago, Huntress was already implemented. However, with Huntress already implemented, it made it very clear that, given what we had recently worked on with one of our clients, Huntress was our best choice.

What other advice do I have?

I would rate Huntress ten out of ten.

We have experienced no maintenance requirements with Huntress, as our RMM solution automates most processes. Consequently, we do not need to address deployment, maintenance, or troubleshooting issues related to Huntress; it functions seamlessly.

New users need to be prepared for incident responses from Huntress. If they do not have an incident response plan, they need to create one first so they can handle and remediate quickly for their clients.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: MSP Reseller
PeerSpot user
Cyber Security Analyst at Apex Computing Services Ltd
Real User
Top 20
Aug 12, 2025
Effective security management reduces workload and operational expenses
Pros and Cons
  • "The most valuable features of Huntress Managed EDR include the SIEM and the log ingestion from firewalls; it has been really effective for managing our security. Huntress Managed EDR has positively impacted my organization by significantly reducing tickets coming to the SOC team; we have seen far less noise in terms of tickets since its implementation."
  • "There are some drawbacks in Huntress Managed EDR, particularly with the security awareness training aspect which is more manual than expected compared to something like KnowBe4."

What is our primary use case?

We use Huntress Managed EDR as part of our tech offering for enhanced security, especially for small and medium businesses.

What is most valuable?

The most valuable features of Huntress Managed EDR include the SIEM and the log ingestion from firewalls; it has been really effective for managing our security. Huntress Managed EDR has positively impacted my organization by significantly reducing tickets coming to the SOC team; we have seen far less noise in terms of tickets since its implementation.

What needs improvement?

There are some drawbacks in Huntress Managed EDR, particularly with the security awareness training aspect which is more manual than expected compared to something like KnowBe4

It could be improved in terms of campaign setup in the security awareness training section of Huntress Managed EDR. The campaign setup in Huntress Managed EDR could be easier, as it requires more manual configuration than anticipated.

How are customer service and support?

Their technical support is reliable and effective.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I have previously used SentinelOne and Blackpoint before Huntress Managed EDR.

How was the initial setup?

I was personally involved in the deployment process of Huntress Managed EDR.

What was our ROI?

Using Huntress Managed EDR has indeed reduced the need for expensive security tools or the hiring of additional expensive security analysts. Without Huntress Managed EDR, we would face much higher operational expenses.

Which other solutions did I evaluate?

SentinelOne does achieve similar security goals, but Huntress Managed EDR has less noise, while Blackpoint doesn't operate at the same level as Huntress or SentinelOne. The difference between Huntress Managed EDR and Blackpoint's SOC team is that Huntress is more responsive, providing detailed reports and helpful guidance.

What other advice do I have?

I combine Huntress Managed EDR with Capture Client, which is a mixture of Windows Defender and SonicWall Capture Client as our EDR. I am satisfied with how the automatic remediation in Huntress Managed EDR works; it has been helpful. I'm pretty satisfied with their work. 

Huntress Managed EDR is pretty easy to use once you're familiar with what it does and have access to it.

We are an MSP, so we use Huntress Managed EDR internally as well as for our customers that we support. After deploying Huntress Managed EDR, I saw almost instant improvement in our organization's security, specifically with a significant cut down in SOC tickets. 

We make use of Huntress Managed EDR's ability to automatically remediate low-severity threats. The automatic remediation in Huntress Managed EDR has been very helpful for our workload and security.

My overall rating for Huntress Managed EDR would be about eight and a half, almost nine.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Pieter Van Der Walt - PeerSpot reviewer
Founder / Director at CX consulting
Real User
Top 5
Aug 4, 2024
Great for SMBs and has excellent customer support
Pros and Cons
  • "Users usually note improvements in a matter of days. In others, it is immediately. It varies according to the environment."
  • "It would be ideal if they could create some incentives to help more partners get clients to onboard it."

What is our primary use case?

We're a Huntress partner. It's being used by certain clients as an alternative to mainstream EDRs.

How has it helped my organization?

The feature that I like about Huntress, which I have not seen with any other solution, is the proactive incident checking. The team flags certain potential malicious incidents. The ease of use regarding implementation has also been great. 

Overall, Huntress ensures a better cyber security posture. It provides a good baseline for security. Having the peace of mind that you have a decent set of guys or a team behind you is excellent.

What is most valuable?

The solution's simplicity, ease of implementation, and thoroughness are all valuable aspects. It doesn't put a heavy load on endpoints. 

Huntress has good support. 

It's a solid solution. For SMEs, it is an extremely good solution to have.

It has behavioral-based algorithms. Having that peace of mind that you actually have a group of experienced SOC analysts who are there watching is helpful. I don't have to be there to attend to the potential incidents straightaway 24/7. It takes a strain off of the partner company. As a user, you can actually go and rest and have a fairly peaceful weekend. If something happens, you have a good, solid team behind you that will attend to any potential threats that pop up over the weekend or any given day.

Of all the different solutions I work with, Huntress is one of the easiest.

As a partner, Huntress is useful for the SMB market. It integrates with Microsoft Defender and it really makes things so much easier. It offers a single glass pane, and you can see exactly what's happening.

We had one incident, where a user was trying to click on a potential malicious link. However, the processes were fairly quickly identified, and everything was killed literally within a couple of seconds. That incident was very effectively stopped.

The fact that the solution is fully managed by Huntress 24/7 frees up quite a lot of time from a technical point of view. We don't have to, first of all, employ a local resource. The potential local resources that were available, they can now just look at maybe assisting with some of the alerts. With Huntress, now they have time available to perform other tasks. Also, we're now a bit more proactive than reactive. We're likely saving 50% to 60% of our time. 

We make use of Huntress' ability to automatically remediate low-severity threats. That automatic automated remediation has positively affected workloads and security. With any type of automation, you free up time. You also know that once there's an incident, certain steps have already been taken. The technician will be able to see if some of the mundane tasks have already been performed, and that way, they don't have to waste time redoing those.

Using Huntress helped reduce the need for expensive security tools or hiring expensive security analysts for our clients.

Huntress affected the overall security of our clients. It provides a good layer of security. Security is a layered approach. 

Users usually note improvements in a matter of days. In others, it is immediate. It varies according to the environment.

Huntress utilizes AI in a very clever way, especially on the behavioral-based level. Typical attacks don't always utilize the old traditional signature-based attacks. They utilize it quite effectively.

What needs improvement?

The pricing could always be lower, however, it already is good value for money.

It would be ideal if they could create some incentives to help more partners get clients to onboard it. 

They should grow their market and spend a bit more time and effort on South Africa.

For how long have I used the solution?

I've been using the solution for three years. 

What do I think about the stability of the solution?

The solution is stable. Aside from some occasional general maintenance, it's great. I'd rate it ten out of ten.

What do I think about the scalability of the solution?

We have clients that range from three users to up to 65.

I'd rate scalability eight out of ten. 

How are customer service and support?

They offer very good support. It's a simple email away. The responses are great. In a nutshell, you know you have a company that backs you as a partner. They are proactive.

Support is superb. I can't complain. It's effective. It's quick. The turnaround time on submitting complaints is very, very quick. If I report something today, maybe by tomorrow someone will revert. 

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I've worked with various solutions, including SentinelOne and Acronis.

From a deployment point of view and from a configuration setup point of view, Huntress is just easier. It's simplistic. The rate of false positives for reporting is much less, in my experience. It's just a much easier product to use.

How was the initial setup?

The deployment is pretty straightforward. It's literally a couple of minutes per client. The integrations make it simple.

We've got seven people dedicated to working with the solution. 

There isn't really any maintenance. Once it's set up and configured, the agents ensure that it is updated on a regular basis. If they do not update, for some reason or other, you are warned about it. 

What's my experience with pricing, setup cost, and licensing?

It's reasonably priced. The pricing is very competitive.

From the point of view where small businesses cannot afford a full stack, Huntress provides a basic solution where your threats are taken care of with the awareness training that's attached. If you are looking for something very basic to put in place, it's very good value for money.

I'd rate the pricing six out of ten. However, there are a whole lot of other factors that you need to look at when you purchase a solution. You need to look at not just the product. You need to look at the team behind the product. You need to look at effectiveness. You need to look at after-sales support, et cetera. In general, they are fairly inexpensive and very competitive. Even if they would bump up their prices a little bit, they are a decent solution to look at.

They are worth the investment.

What other advice do I have?

I'd recommend the solution to others. From value for money to ease of implementation to minimal false positives, it's great. You get peace of mind that you know that you've got someone that actually looks after you. 

I'd rate the solution ten out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
PeerSpot user
Senior Consultant at a tech services company with 11-50 employees
Real User
Top 10
Aug 4, 2024
Easy-to-use product with efficient reporting capabilities
Pros and Cons
  • "Huntress is easy to use. It immediately improved visibility and understanding of our security posture."
  • "The product could be improved in terms of customization options available for reports."

What is our primary use case?

The client had likely experienced ransomware attacks and wanted to adopt a more proactive approach to address such threats. They needed a solution that would minimize downtime and avoid disruptive incidents. 

How has it helped my organization?

Testing Huntress improved our organization by enhancing service offerings. It gave us the confidence to approach clients and present a solution well-suited for those seeking basic and advanced options. It positioned Huntress as an ideal, lightweight MDR solution. Additionally, we generated a decent amount of income from it.

What is most valuable?

First and foremost, I appreciate the team's expertise in finding the solution. For example, one of the lead researchers, has a public presence and a YouTube channel, demonstrating a high competence level within the research team. It instilled confidence that they would effectively detect and address threats.

Second, Huntress responded very quickly during testing—within about ten minutes. While this speed might not always be guaranteed, the prompt response during my mock tests, where they successfully locked down the machine, showcased their efficiency and accuracy.

Additionally, we are an MSP, and the pricing model Huntress offers works very well for us.

Finally, the reports provided after an incident are very thorough. They offer a clear and detailed description of the attack, which reassured me of its effectiveness.

What needs improvement?

The product could be improved in terms of customization options available for reports. Specifically, there should be more granular control over report scheduling and the ability to include more specific information.

For how long have I used the solution?

I have used Huntress for six to seven months.

What do I think about the stability of the solution?

The product is stable.

What do I think about the scalability of the solution?

Our clients have 150 Huntress users in the entire organization. Regarding the number of users I could serve, I rate the scalability a ten out of ten.

How are customer service and support?

The technical support services are good.

How would you rate customer service and support?

Positive

How was the initial setup?

The initial setup was straightforward. It took a few minutes to complete the process.

What about the implementation team?

I implemented the product for the client's entire organization.

What was our ROI?

We received around 200% return on investment using Huntress.

For example, if the platform's price was $1 per annum, we charged $3. However, that includes all the reporting, account management, and other services.

While the product did not directly reduce costs, as there was already an existing solution, it did help by eliminating the need to hire a dedicated security analyst. It meant we could avoid adding that headcount to our business, saving on potential additional expenses.

It may have reduced costs by approximately 50 % compared to our previous solution. The one we were using involved paying a company based in Malaysia that utilized a specific piece of software to deliver their service. Switching to Huntress brought our costs down by 50%.

It has saved us a significant amount of time in terms of reporting. The reports generated were already comprehensive, so we only needed to configure them to be sent to the account manager and the company's resident IT staff.

Another significant time saver was the ease of installation. We could effortlessly integrate it into our existing remote monitoring and management (RMM) system and deploy it to the machines. This contrasted with our previous solution, which did not support unattended installations. We had to arrange for someone to install it on each machine, even if it was remote, requiring scheduling and user notifications. The client had around 100 to 150 machines, so this process was very tedious.

What's my experience with pricing, setup cost, and licensing?

I rate the product pricing six out of ten for the Malaysian market. However, I would rate it a three out of ten for the Australian, New Zealand, or Singapore markets.

What other advice do I have?

Huntress is easy to use. It immediately improved visibility and understanding of our security posture.

It is a good solution for small and medium-sized businesses (SMBs). It is quite effective in the context of the SMB market and for managed service providers (MSPs) deploying the solution. It is easy to install on machines and fits well within the price range for companies that might be using Microsoft 365 but have yet to be ready to move to Business Premium.

It also manages standalone Microsoft Defenders, which adds a unique advantage. It provides a holistic approach, helping us tap into the telemetry from the existing antivirus on Windows machines, providing a more comprehensive solution.

We had to use some other solution alongside Huntress. This client was using Bitdefender as a standard antivirus. If a client wants to stop using Bitdefender, we recommend using Microsoft Defender.

Our team uses some degree of AI to help them work through the telemetry they collect.

I recommend the product to others and rate it a ten.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Julio Lossada - PeerSpot reviewer
Application Compliance Manager at SOS Support
MSP
Top 5
Aug 4, 2024
Helped to reduce the need for expensive security tools or higher expensive security analysts
Pros and Cons
  • "We saw the benefits of Huntress pretty quickly. Once it started detecting threats, it was great."
  • "Not every time, but sometimes when we click on the remediation, the auto-resolution of the alert, the screen gets stuck, and I need to contact support so they can confirm the remediation was applied, and they have to close the ticket."

What is our primary use case?

This is the tool that we use to keep our devices, the endpoints, protected.

How has it helped my organization?

In the beginning, we were using two antiviruses. The first one was Webroot, and the other was Huntress. At that time, we noticed that Huntress was not compatible with iOS devices, with Macs, so we used both services - Webroot for Macs and Huntress for Windows. 

I feel very protected. I feel really good having Huntress on my computers. There are certain antiviruses we installed before that basically would never detect anything. I also had a ransomware case when a client used a different antivirus. With Huntress, I've never suffered any attacks. 

What is most valuable?

The antivirus protection is very good. With other antiviruses, when you scan the computer, it shows you what was found. However, for Huntress, they don't just show you the threats—they also give you recommendations. There's a simple button you can click to apply the remediation. You don't need to go and do it manually for the most part. 

It's pretty straightforward to use. You don't need to spend a lot of time troubleshooting the alerts, and its ease of use is great. I'd rate usability nine out of ten.

Huntress is a really good choice for small and medium-sized businesses since it's pretty easy to use and doesn't consume too many resources. In the past, we had some issues, for example, with Webroot. There were certain situations when, for some reason, WebRTC consumed a lot of resources, and that was a pain for the clients. We never had this kind of issue with Huntress. 

It's pretty easy to install and deploy. It has a lot of reports. The way they show the reports is pretty good and easy to understand for the client. In the past, when clients received reports, they did not understand. We don't have to explain Huntress reporting. 

We saw the benefits of Huntress pretty quickly. Once it started detecting threats, it was great. When I first started using Huntress, I started comparing it to other solutions were using, and I could see how beneficial Huntress was. For example, you can see what it's doing, and also you can see when it's complete in real-time. 

The solution is fully managed by Huntress 24/7, which reduces our workload when managing and triaging alerts. It's a great feature. 

Huntress can remediate low-severity threats automatically and take certain actions automatically. For example, if the antivirus detects ransomware, it isolates the computer automatically. I don't need to do anything. I received only the alert that said the computer was isolated. Then, I usually need to check the logs and see if I need to do something manually or something similar.

Huntress helped to reduce the need for expensive security tools or higher expensive security analysts. In fact, we had conversations on how to reduce costs as an MSP. They reviewed the number of seats we have, and they offered us a new plan with better with less cost.

What needs improvement?

Not every time, but sometimes when we click on the remediation, the auto-resolution of the alert, the screen gets stuck, and I need to contact support so they can confirm the remediation was applied, and they have to close the ticket.

Maybe they can add a way to remove unresponsive agents. For example, if I have a client with ten devices, and I deploy Huntress in those ten devices, and for some reason, one device has maybe two or three months offline or not running, maybe they can add automation to remove the agent after a certain amount of time. That way, I will not be paying for a device that has been offline. We do have audits to avoid this. However, it would be useful if the process was automated. 

In the beginning, we used other antiviruses. If you install SentinelOne or WebRoot, if you check the device, you will see Huntress is installed, however, you will see it is not doing anything since he other antivirus is installed.

I know that Huntress has a beta version for Macs, so it is not fully deployed or released. We're waiting for the final version to use it on our Macs. 

For how long have I used the solution?

I've used the solution for four years. 

What do I think about the stability of the solution?

I'd rate the stability eight out of ten. Most of the time, it's working fine. I'd just like it to be fully compatible with all of our OS. For example, we've had clients that use a special version of Windows for a POS, and Huntress isn't fully compatible. 

What do I think about the scalability of the solution?

I've never had issues with the scalability. 

How are customer service and support?

Not all antiviruses have 24/7 support or management. There are some cases where I read the logs, and I have to contact Huntress support, and they are always available. I never wait more than maybe ten minutes to get support. They always help me with the issue without problems. They are always giving me solutions.

This is the best support I have used. 

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We have also used WebRoot. Huntress is better as the support team is great and I have less issues with the solution. I've had trouble installing and uninstalling WebRoot.

How was the initial setup?

We always install Datto RMM first manually. Then, we share the link with the client. They install Datto RMM, and then we use that to deploy Hunteress. It's pretty simple. It only takes a few minutes to install. A single technician can deploy the solution. 

What's my experience with pricing, setup cost, and licensing?

The pricing is a little bit high. However, I understand the service is better. They offer different plans according to tiers. If you have more devices, you get better pricing. 

What other advice do I have?

We're an MSP and have a lot of relationships with many vendors. 

I'd rate Huntress nine out of ten.

I'd recommend users give Huntress a chance. The MSP portal is free to use and it has a lot of integrations.

Which deployment model are you using for this solution?

On-premises
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: MSP
PeerSpot user
reviewer2344506 - PeerSpot reviewer
Chief Security Officer at a computer software company with 51-200 employees
MSP
Feb 27, 2024
A great option for the SMB market, enhances visibility into endpoint activity, and reduces the effort needed for handling alerts
Pros and Cons
  • "The most valuable aspect of Huntress is its 24/7 SOC service."
  • "Huntress' Process Insights feature could benefit from more robust search and filtering capabilities."

What is our primary use case?

We use Huntress to monitor our internal and customer systems for security vulnerabilities.

We chose Huntress for its 24/7 managed detection and response services.

Huntress is deployed entirely in the cloud. We use the Huntress portal to manage it and our RMM tool to distribute the agent to our devices.

How has it helped my organization?

Huntress is a great option for the SMB market. It's competitively priced and offers good value for the money, making it one of the most cost-effective security solutions available. Its team is highly qualified and delivers a quality product at a price point that fits the SMB budget. Enterprise tools can often be overly complex or expensive, and Huntress effectively addresses both of these concerns.

It's extremely easy overall. We deploy the agent and it takes care of the rest.

Huntress enhances visibility into endpoint activity by monitoring running processes. It employs a 24/7 human response team to analyze alerts from both the Huntress agent and Windows Defender Endpoint Protection. This team can then choose to isolate suspicious activity and limit its impact if deemed malicious, or escalate the case for further investigation.

Some endpoint protection solutions may miss early warning signs of suspicious activity, such as unusual system behavior or potential footholds for attackers. This is often the case when deploying such solutions to new customers. However, it's important to remember that malicious activity doesn't happen every day in every environment. So, for some customers, its value might not be immediately apparent. It might take a few years before a serious incident occurs, highlighting the need for Huntress' detection and response capabilities. Therefore, the timeframe to see the benefits of Huntress can vary greatly.

The fully managed service has certainly reduced the effort needed for handling alerts from endpoint protection solutions like Windows Defender. Eliminating the need to deal with false positives has been a significant benefit, greatly reducing our team's workload. Additionally, the SOC within the service effectively handles after-hours issues, minimizing the impact on our on-call staff.

Instead of relying on expensive endpoint protection software, we successfully leveraged the built-in Windows Defender in conjunction with the Huntress agent. This combination, in our opinion, represents a significant improvement over using a potentially more robust but costly solution alone. The key advantage lies in the added human element: Huntress' 24/7 monitoring and endpoint isolation capabilities. This approach has demonstrably improved our security posture. However, it's unclear whether it fully eliminates the need for a high-cost security analyst. While Huntress certainly reduces expenses associated with lower-level resources tasked with the initial triage of false positive alerts, its impact on the role of a specialized security analyst remains to be determined.

It has improved our overall security significantly. It adds another valuable layer of protection and provides greater visibility into endpoint activity. Perhaps the most significant benefit for us is the true 24/7 coverage. While our staff has extended hours, there's a gap overnight when no one is actively monitoring for security incidents. When time is of the essence, as it often is in cyber situations, having someone from Huntress available to instantly respond by isolating threats is invaluable. This service is certainly more cost-effective than attempting to staff our team for round-the-clock coverage.

Our security started improving immediately after deployment. It began searching for pre-existing footholds or remnants of other malware that may not have been fully cleaned up from previous infections. The 24/7 SOC provided instant benefits—knowing we had that extra layer of protection with dedicated experts watching our systems was a reassuring feeling.

What is most valuable?

The most valuable aspect of Huntress is its 24/7 SOC service. If something suspicious is seen on an endpoint, even in the middle of the night, there is always someone available to react quickly and isolate the endpoint to mitigate the potential spread to others. 

What needs improvement?

Huntress' Process Insights feature could benefit from more robust search and filtering capabilities. Currently, it's quite basic, offering only a single search bar with limited granularity. Additionally, the data retention period is short, with access restricted to three days. While the SOC team can export a week's worth of data, extending this period to at least thirty days would be highly beneficial.

Overall, we're generally satisfied with the solution. However, deeper integration with other endpoint protection platforms would be valuable. Ideally, Huntress should be able to ingest alerts from systems like CrowdStrike and conduct investigations similar to CrowdStrike's offerings. This would be particularly useful for us as a CrowdStrike partner.

For how long have I used the solution?

I have been using Huntress for three years.

What do I think about the stability of the solution?

Last week, we encountered an issue with the Huntress agent. Essentially, there are two components: the core Huntress agent and the Rio agent, added later about a year into our partnership for process insights. While Rio is valuable, we experienced a communication gap regarding its functionality.

If Rio shut down for any reason e.g., computer reboot, or agent update, it wouldn't restart properly, creating a blind spot for the Hunter team as no data was transmitted. This issue emerged within the past two weeks and took a few days for Huntress to identify and resolve.

Overall, the platform is generally stable, but we've faced some bumps in the road. One issue involved unclear communication about agent check-ins, and the other was the recent Rio shutdown problem.

What do I think about the scalability of the solution?

Huntress scales very well. We've grown from approximately 9,000 to 17,000 endpoints, and I haven't encountered any scalability issues.

How are customer service and support?

We're generally very pleased with the technical support. They respond promptly via chat, and if the frontline team can't resolve an issue, they escalate it swiftly. In one instance, their SOC analysts even helped us investigate malicious activity at our endpoints, something that deeply concerned us and our customers. In that situation, they truly went above and beyond to assist us.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We previously used Webroot, but it was ineffective at stopping the latest ransomware threats. That was the main reason we switched to Huntress. We replaced Webroot with the built-in Windows Defender plus the Huntress agent, and together they proved significantly more effective at stopping those threats than Webroot alone.

How was the initial setup?

The initial deployment was smooth. However, we realized a gap in our internal processes and understanding of how to respond to different alert levels.

Our deployment was rushed due to signing the agreement during the Log4J vulnerability outbreak around Christmas 2020. The widespread threat forced us to prioritize deploying the Huntress agent quickly instead of following a slower, more deliberate approach to replacing Webroot.

Fortunately, the Huntress agent seamlessly integrates with other endpoint protection solutions. This allowed deployment without disrupting existing protection or leaving us vulnerable during the transition.

The additional 24/7 SOC visibility without replacing our current endpoint protection has been immensely valuable. While deployment was simple, we identified the need to refine internal processes and response protocols for different alert levels.

We had a small team, perhaps two or three people, working on the deployment. In all honesty, it could have been done by a single person. Our deployment process is streamlined, and we have a large customer base. As a mid-sized MSP with over two hundred customers at the time, we had the manpower to spare. However, thanks to scripting and RMM tools, even a single individual could theoretically deploy Huntress to a large number of endpoints with ease.

What about the implementation team?

Being an MSP, we implemented the solution internally.

What's my experience with pricing, setup cost, and licensing?

Huntress is priced fairly for the services and value it provides.

What other advice do I have?

I would rate Huntress nine out of ten.

Our team occasionally uses the automatic remediation feature for low-severity threats, but we don't heavily rely on it. When it comes to endpoint protection alerts, we prefer a more hands-on approach. Despite using automatic remediation to some extent, the feature's impact on our workload has been minimal.

The biggest maintenance challenge with Huntress is the potential for certain firewalls, especially Fortinet models depending on their enabled features, to block communication from the agent on the endpoint back to the Huntress portal. This blockage isn't apparent from the endpoint itself. While the Huntress page might appear installed and running, the agent might have only checked in initially and stopped sending data. After a month of inactivity, Huntress removes the agent to prevent the portal from becoming overloaded with inactive agents. This creates blind spots in our monitoring, as we remain unaware of the missing data. Addressing this challenge has been difficult, as we rely on our RMM tool for endpoint management and strive to maintain a consistent active list. Continuously comparing this list with the Huntress portal to ensure they match has proven frustrating.

When using Huntress the most crucial aspect is training our internal staff on how to respond to different alert levels. These levels typically fall into three categories: low, high, and critical. It's essential to have a clear action plan or standard operating procedure outlining how our team should handle each alert type. Additionally, basic training on the Huntress portal is recommended. The portal has various pages, modules, and tabs, so familiarizing our staff with navigating and interacting with it is crucial. This includes skills like isolating endpoints, removing isolation if necessary, and utilizing provided remediation tasks or manual remediation if preferred. Implementing these measures will significantly improve our incident response capability.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: MSP
PeerSpot user
Joanne Hughes - PeerSpot reviewer
Cyber Security Engineer at Apex Computing Services Ltd
Real User
Top 20
Jul 14, 2024
Finds password files and offers extra protection to customer machines
Pros and Cons
  • "Huntress helps us replace traditional antivirus solutions with an EDR. I like how easy it is to use and deploy. Support is good- they've responded quickly when I've had issues. I like it a lot so far. It reports valuable information and filters out things I don't need to know."
  • "I'd like it if Huntress could scan for software that's out of date or has open vulnerabilities. That would be useful for us. Scanning for vulnerable software would be helpful. Also, we've set it up to create a ticket in our ticketing system when there's an alert. It would be nice if closing that ticket would also close the Huntress alert. It doesn't do that right now, but they're working on adding that feature."

What is our primary use case?

We are a Managed Service Provider. We use the solution to offer extra protection to customer machines. 

What is most valuable?

Huntress helps us replace traditional antivirus solutions with an EDR. I like how easy it is to use and deploy. Support is good- they've responded quickly when I've had issues. I like it a lot so far. It reports valuable information and filters out things I don't need to know.

The solution is easy to learn. I like the scanning it does for M365. We use Datto RMM for remote machine support. Huntress has a built-in component for Datto RMM that we can deploy immediately. I can push Huntress out to machines in about eight minutes. It does what it's supposed to do, which is amazing.

The tool is suitable for small to medium businesses. It monitors everything going on with their machines and their Microsoft 365 tenant if they have one. Even if they don't have their IT department, it can help flag issues.

The main benefit our customers see is the additional security Huntress provides. We've found that it reports many password files people save on their machines. For example, it might find a Word document full of passwords on someone's desktop. Just highlighting that this is happening is a valuable part of the service.

Previously, I had to go through all the alerts myself and figure out what was important and what wasn't. Now, my time is freed up to deal with the important alerts. I don't have to spend time finding what's important - it's already right before me.

It highlights when new mailbox rules are created in Microsoft 365, which helps us spot breached accounts. It also finds valuable password files on machines. This is one of the biggest security risks—if someone gets into a machine and finds a password file on the desktop, they can easily access things they shouldn't.

We could see the solution's benefits from the very first minute of its deployment. 

What needs improvement?

I'd like it if Huntress could scan for software that's out of date or has open vulnerabilities. That would be useful for us. Scanning for vulnerable software would be helpful. Also, we've set it up to create a ticket in our ticketing system when there's an alert. It would be nice if closing that ticket would also close the Huntress alert. It doesn't do that right now, but they're working on adding that feature.

For how long have I used the solution?

I have been working with the product for a few months. We are a new customer. 

What do I think about the stability of the solution?

I haven't experienced any downtime. 

What do I think about the scalability of the solution?

My company has around 1300 endpoints. The solution is scalable. 

Which solution did I use previously and why did I switch?

We previously used SonicWall Capture Client for EDR. But it's not the same thing as Huntress. I don't think I could compare them. I'd say that Huntress is completely new in how we use it.

How was the initial setup?

Since we use Datto RMM, we just had to add their components and a secret key from our Huntress site. Then, when we deploy the agent, it communicates with the Huntress site, and all endpoints appear there. The whole process takes around 15 minutes.

It's not difficult to maintain. I've set it up so that if a machine hasn't reported to Huntress in 30 days, it automatically removes itself from our site. So, it maintains itself. I've also set up a recurring job to check that it's installed on all the machines it should be on.

What about the implementation team?

We did the deployment in-house. 

What's my experience with pricing, setup cost, and licensing?

The solution is cheap compared to other alternatives. It offers good value for money. For the whole solution, it's up to about five pounds per device per month. Considering what it does, I think that's very good value.

Which other solutions did I evaluate?

We evaluated Seceon and eSentire. We chose Huntress because it was easy to deploy and does what we need it to do. eSentire seemed more hands-off, but with Huntress, we can handle the problems it flags ourselves. Seceon was hard to set up. 

What other advice do I have?

If you are unsure about the solution, try to get a trial and see what it does. I rate it a ten out of ten. 

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: MSP
PeerSpot user
Buyer's Guide
Download our free Huntress Managed EDR Report and get advice and tips from experienced pros sharing their opinions.
Updated: June 2026
Buyer's Guide
Download our free Huntress Managed EDR Report and get advice and tips from experienced pros sharing their opinions.