Huntress Managed EDR Reviews

We started out using their PC agent, their EDR product, and we deployed that at our office and for all of our customers. We also use their analyst team to keep an eye on things.

Last year in November, we started using their security awareness training product, and I am in the process of trialing their new MDR for the Office 365 product.

The agent deployment process is simple. You can do it manually. They pre-write scripts for various tools to install. You can install them with RMM or via PowerShell. They give you lots of ways to get their agent installed. You can even do it manually, which is very quick. We have it automated, so it just gets pushed out to every new PC we deploy. It works on almost everything that we need it to work on.

Their SAT product is simple. They have a great way of connecting you to Office 365. In most of our cases, they can automatically pick the phishing type email for the month. The security awareness training they provide is based on what they are seeing out in the real world. They call those Huntress Managed, and their security analysts decide what threats they are seeing this month and make a phishing test or an SAT course based on what they are seeing, which is great. With a lot of other security awareness training products, it takes a considerable amount of time to go in and design the email, pick the course, follow it through, and make sure that people are doing it. Huntress has a lot of that dialed in where we just set it and start it. If somebody fails the phishing test, they automatically get follow-up training. We get a report at the end of the month saying who has completed it and who has not. For the ones who did, we got to know how they did. It cuts a lot of manual time to keep those going month after month.

Huntress is great for small and medium businesses. It is a great tool just about anywhere. We have got it deployed for large organizations and small customers. Insurance requirements are asking for this kind of solution, and Huntress is a great, competitively-priced, feature-rich, and live-human-backed product. When you look at other things and try to put all those pieces into one, it is considerably more expensive, and you do not necessarily get all those things from a single vendor. There is an added headache that goes with that.

In terms of its time to value, I have secondhand knowledge of some of the benefits. We ran it internally, and we used it in point-by-point situations. We were not quite at the point in the early days to just roll it out on all the endpoints we managed, so when there was suspicious activity or something not quite right, we used it to see if it could find something. It did find them in some cases, and in some cases, nothing was found. There were other issues causing performance or other problems with that computer.

We got to a point where they were very active, and they are still very active, in the community. They were very vocal and open about sharing what they saw regarding exploits and breaches. Listening to them talk and seeing how involved they were in trying to raise the entire MSP community, I was sold on their culture. It did not take a lot to go from there to deploying agents on all the machines that we manage.

Our workload has gotten better because they are handling things that my people do not have to handle. Some of what they are doing now, we were not doing before, so I cannot look and say that I flipped the switch and my labor went down by this much. However, we got a lot of benefits that we did not have before. We also have peace of mind.

Huntress has the ability to remediate low-severity threats automatically. It is cool. When they started out and were growing the product and figuring out who and what they wanted to be, they would give a good list of remediation steps. That was another big benefit. When they found something, they gave us the steps to get rid of it on that machine, which was a time saver. Traditionally, when something was found, we had to spend 30 minutes on Google searching how to get rid of it, whereas Huntress gave out the list. Over time, they got more comfortable and decided that they could do this as an opt-in, and now, they can do it automatically. Watching that evolution and being able to say that if something shows up in there, they will remove it is great. We get a report, and we can go to the end user and say, "You had software that should not be there, and we took it off. Do not put it back on because it will be taken off again."

Using Huntress has not reduced the need for security tools, but that is only because I believe in a multi-layered approach and am a security-minded MSP. Huntress, for sure, fills a gap between other products. Even they would not tell you that they are an end-to-end or be-all solution. They are working their way towards it. I will bet you that. What they do and what they handle with their team of security analysts, we were not doing that on our own. The assisted remediation and the fully automated remediation definitely save time.

The EDR product is simple to install. It is low maintenance. All the alerts go to Huntress first, and their analyst team reviews them and sends actionable things our way.

They are very good at keeping an eye on persistent threats and pointing out misconfigurations. In some cases, if they get wind of some exploit, they typically use their agent to see if they can identify partners that are at risk. A couple of times, we had an agent on a machine somewhere, and they told us that they saw a new exploit and a specific machine might be vulnerable, and we probably want to check that. We have had cases where the users downloaded something or got an email attachment, and Huntress flagged it and isolated the device before it could spread. It is a handy product. They are a great company to work with.

I have not got anything as such. They have already added an agent for Mac. I am anxiously watching to see how they evolve their MDR for Office 365. If anything, I would like more automated remediation capabilities in their MDR for Office 365.

I have been using this solution for three and a half years.

I have never seen any issues.

If you ask me to deploy another 100 agents, I can do it in five minutes. From my perspective, I can put as many agents out there as I need to because it is all cloud-based, and they do a good job of maintaining their environment. When I add an agent and do an install, I can look in their portal, and within a couple of minutes, I see the agent check-in. 

Their support is of very good quality. We talk to security analysts most of the time. When we ask questions, there are times when they have to research. We do not ask simple questions, so sometimes, they do need to research what is going on with that particular machine or that particular incident, but they are responsive. They give intelligent answers. They are always good and friendly people to talk to. I would rate their support a 10 out of 10.

Positive

We did not use a similar solution. We still use traditional AV with Huntress. It is filling in a gap that we did not know was a gap before. We did not replace them with anything. We layered them into our stack.

It is all cloud. Its initial deployment was very easy.

We did not try to do them all at once. We scaled up, and we did a bunch here and there as we were growing it out because we could not take on all the costs without getting some of our clients to buy off on it and pay us for it. It was not an all-at-once. 

The way it works is that if you already have an RMM agent on all the machines, after you have it set up initially, it takes 20 to 30 minutes to do the install script and push it out to the first handful of machines. After that, it is just a matter of checking some boxes and hitting install. The installer itself is very fast. It goes and downloads itself, configures itself, and names the locations. They did a great job building this script for installation. If you tell me that I need to put this on a new company with another hundred systems, it would take me five minutes.

In terms of maintenance, you do not have to manually update an agent. Most of the time, they update themselves. We have to keep an eye out to make sure that they do not get uninstalled, but that is there with any software. Overall, there is not much in the way of maintenance. We just need to check everything and make sure it is doing what we think it is doing.

We did it internally. We are an MSP. We are the IT consultants, and there was nothing needed to bridge the gap between Huntress and us. They did a great job of onboarding. 

One person was required for its deployment.

It is simple. It is reasonable. They raised my prices this year. We never like price increases, but they continue to add value, so we just keep adding agents as we grow and as our clients grow.

We were always evaluating our endpoint security solutions, but there was nothing like this out there.

Stop waiting and just do it. 

I would rate Huntress a 10 out of 10.

It integrates seamlessly with RMM, making it easy to roll out and use. Many fixes are automated, so you can approve them and let the system handle them, avoiding the need to go through individual steps. If something serious comes up, they proactively make phone calls and lock things down in advance. It simplifies my job rather than adding it.

It has improved my organization by making things easier.

After deployment, it takes some time to scan and process everything. Huntress has effectively flagged issues such as password files on desktops, which it identifies as low-level alerts. It also handles more significant threats effectively. The system runs in the background and uses sample files to detect ransomware attacks quickly. If an attack occurs, Huntress can isolate the affected machine promptly. We noticed benefits and problem-solving capabilities within the first week.

I had been requesting Huntress support for macOS for a while, and they recently rolled it out, making it generally available within two months. Having a regular support line would be good.

I have been using Huntress for a year and a half or two.

There are no issues with stability.

This solution is used by 400 machines. It scales independently. When we add clients to our RMM, the script runs every night and automatically adds Huntress to the new clients and their machines.

Support was quick. They made it easy for us to get assistance when needed. They responded promptly to our inquiries about upcoming products and provided timely support to get things rolling. We were tweaking our scripts, and they directed us to their repository of scripts and resources. When I encountered an issue, they suggested hopping on a call to walk me through it rather than just relying on chat. They resolved the issue relatively quickly.

Positive

Huntress provided ease of use and a lower spend. The sales team was supportive throughout the process, not just during the initial setup. They helped with scripting and ensured we were fully operational before stepping back, which made things much easier for me.

The pricing is great.

Their minimum spend is quite low, unlike some vendors that require $500 or $1,000 a month. It's around $50, so you can start with just a few clients if you're new or scale up if you're larger. Their products integrate well with our existing systems and perform effectively.

I’ve worked with some vendors whose implementations were so complex that managing the solution required almost a full-time person. In contrast, Huntress was straightforward to deploy. You set a few permissions, and then it just runs in the background. This simplified things and made managing the software much easier.

Huntress is largely set-it-and-forget-it. The only real maintenance involves handling remediation for attacked machines rather than ongoing upkeep. The recent addition of Mac support required a new script.

Overall, I rate the solution a ten out of ten.

We use their EDR product essentially to protect the endpoints that we have. It is an additional line of defense in most cases. We have traditional antivirus, and then we layer Huntress on top of it for additional protection.

By implementing Huntress, I wanted something that was an additional level of protection on top of the things we were already doing. They offered it for a fair price.

We could realize its benefits immediately because when you install it on a new endpoint, it immediately tells you the bad things that are happening on it. You get it right away.

The solution is fully managed by Huntress 24/7. It has affected our workload. My team has to do less work. They do the work of triaging the issues that come in, and then they just escalate the ones that need to be escalated to me, which saves me time and effort.

For remediation, we have used the remediation button, but we do not have any auto or unattended remediation on because we like to review that. We have unattended isolation on so that they can isolate, but we do not have unattended remediation on.

Huntress has allowed us to hold off the need for an in-house full-time SOC. Eventually, we will get there, but it helps push that off a little further.

We have combined Huntress Managed EDR with other solutions. We use it on top of next-generation antivirus. It works very well. Very occasionally, Huntress can miss something, but AV catches it. The combination of these two gives me more effective protection than anyone individually.

It catches things that no one else catches. We occasionally have things slip through antivirus and other things, but Huntress catches them. It is awesome as an additional layer of defense on top of other things.

It is very easy to use. You install it, and then it does its thing, and it tells you when it needs you to do something. It does what it says on the box.

It is a good solution for the SMB market. When you get to the enterprise level, there are other solutions that can do similar things with other enterprise-type price points, but for up to mid-market, and even small enterprises, it is a very good bang for your buck. You can also use Huntress for big enterprises.

I would like the API to be a little bit better. They are getting there.

It has been about six years.

I have not had any issues related to stability.

It scales just fine.

I have contacted their technical support, and it has gone very well. They are very responsive. They provide good answers to the questions that you ask. It is not like they are just on a script. They actually care, and they are actually doing the research and reading your messages and not just sending you standard responses. I would rate them a ten out of ten.

Positive

We were just using an AV. We had Bitdefender.

I was involved in its initial deployment. It is a SaaS application with an agent that you push down. We just push the agent down via our RMM tool. It was easy.

We did it ourselves. There was just one person required. I just pushed it via a tool I already had. It took a couple of hours to roll it out everywhere.

In terms of maintenance, you occasionally get agents that stop checking in, but it is very rare. They send notifications about them, and we deal with them.

It is fair. They provide good value for the product that they deliver. I have had one price increase in the entire time I have used them. They added a bunch of features and then said that they have to increase our price a little bit. That is a fair way to handle it.

We did not evaluate other options. There were no other alternatives when Huntress came out. They are still the best at what they do.

I would rate Huntress a ten out of ten.

We use their EDR platform and their MDR platform. By implementing Huntress, we wanted to add another layer of security to our workstations across all of our clients.

Threat protection on the endpoints and great customer support are some of the benefits. There is a great vendor relationship. We could see its benefits pretty immediately. They work well with you. They are very attentive, and they make sure that their partners get whatever support they need.

It has reduced the triage time. When they do find an alert or an issue, many times, they post an accurate resolution, so my technicians do not have to investigate to determine a resolution. It is already outlined for them.

Huntress has the ability to automatically remediate low-severity threats. We use this feature in some cases and not in all cases. It works well when we have used it. It has impacted our workload and security. The faster you can fix the security issue, the better off you are.

Using Huntress has helped reduce the need for expensive security tools or to hire expensive security analysts. It is important. It is hard to maintain a security staff.

We are much more secure today than before starting to use Huntress.

It is very easy to use. It is a great solution. They are one of the better vendors that I have ever worked with since I have been in the industry.

Their EDR can have increased coverage for Macintosh. They do not fully secure Macintosh computers.

We started with them at least four years ago.

I have not seen any stability-related issues so far.

It is very scalable.

They are very good. They are very fast to respond, especially in emergencies. They have great support. I would rate them a 10 out of 10.

Positive

We were using Bitdefender. We switched because Huntress was more comprehensive and had 24/7 SOC.

We use their cloud portal, and we deploy from there. I was involved in the initial vetting of the product and the vendor, but I was not involved in doing the installation.

In terms of maintenance, when updates need to be pushed out, we make sure that they are pushed out. They normally get installed automatically. We have a tech person who daily makes sure that everything is okay in the portal. There is no real maintenance. There is nothing that we would not do for any other vendor.

After deploying Huntress, we could immediately see improvements in our organization's security.

It works well for an MSP.

We evaluated Blackpoint Cyber and SentinelOne. We chose Huntress just because of what they offered. Blackpoint Cyber and SentinelOne are great products. It was a hard decision between the three, but we chose Huntress.

Those evaluating this solution can research it online. They can ask their peers or just contact Huntress. They will guide them through the whole process.

I would rate Huntress a 10 out of 10.

I use Huntress as an EDR tool to detect, prevent, and block any attacks.

Huntress offers a lot more of a proactive approach, being an EDR tool. The tool is eligible to be an ISO 27001 product. Huntress streamlines our organization's processes.

The solution's most valuable feature stems from the tool providing alerts, which is a very good attribute. The fact that the solution operates proactively for our company is because Huntress has one of the best AIs apart from CrowdStrike.

As the CEO of my company, I am not involved in the technical part of the solution on a daily basis, making it difficult for me to comment on the best features of Huntress.

The solution's UI is an area with certain shortcomings that need improvement.

I have been using Huntress for two and a half years. I use the solution's latest version. My company is a customer of the solution.

Stability-wise, I rate the solution a nine out of ten.

Scalability-wise, I rate the solution a ten out of ten.

My company has around 200 users of the solution.

I rate the technical support a ten out of ten.

Positive

My company operates as an MSSP. I have experience with other solutions in the past. I haven't switched to Huntress from some other product since I still deal with products that were used in the past since my company has to cater to the needs of multiple customers.

I rate the initial setup phase an eight on a scale of one to ten, where one is difficult and ten is easy. In general, the solution's initial setup is pretty straightforward.

The solution is deployed on a public cloud.

The time taken to deploy the solution depends on the size of my company's customers, but I can say that it does not take too long. The deployment process is simple, but it’s time-consuming part stems from the need to put the policy in place, considering which I can say that it takes around four hours presently.

One person was required for the deployment process.

I have seen a return on investment in my company with the use of Huntress.

I rate the product's price a five or six on a scale of one to ten, where one is cheap, and ten is expensive since it is a fairly priced product.

There are no costs in addition to the standard licensing fees that I know about for the solution.

SentinelOne and CrowdStrike were the two solutions we had evaluated in our company before opting for Huntress owing to the preference of our customers, who had just discovered that they had detected 3CX exploit.

I recommend the solution to those planning to use it since I believe they should try it.

I rate the overall solution a nine out of ten.

Our primary use case for the Huntress solution is cybersecurity.

I couldn't say specifically how it's helped our organization, but it did alert me to some possible issues that needed double-checking. 

I have found it valuable that this solution is always there and always armed.

In the next release, I'd like to see more intuitive dashboards.

I have been using the Huntress solution for about a week now.

I would rate the stability of this solution a 10, on a scale from one to 10, with one being the worst and 10 being the best.

I would rate the scalability of this solution a nine, on a scale from one to 10, with one being the worst and 10 being the best.

Regarding the pricing of this solution, I would rate it a nine, on a scale from one to 10, with one being very expensive and 10 being a great price.

We have a hybrid model deployed for this solution where the dashboards are on the cloud, but the agents are on the machines.

Overall, I would rate this solution a nine, on a scale from one to 10, with one being the worst and 10 being the best.

We use Huntress with other antivirus solutions like Microsoft Defender to ascertain the issues that happen at the endpoints which antivirus solutions may not always pick up.

We don’t have the required staff to watch the issues that are happening. It is good to have a team from Huntress who can watch the logs 24/7. The tool’s automatic remediation is also fantastic. The solution’s interface is also nice and easy to use. The Huntress team saves us time by going through the issues.

The Huntress is not a standalone solution. It really needs to be used with something else such as Microsoft Defender or another antivirus solution. It would be nice to see the product fleshed out by the Huntress team and include the antivirus solution part as well. I want it to be a full-fledged XDR product. It would push the tool to a higher price range but it would be nice to see the fleshed out features. I want them to integrate more features from the XDR realm.

I have been using the product for a year.

The tool is stable. We haven’t had any issues with respect to stability.

The tool is scalable. Our company has seven users for the solution.

We have received quick responses from tech support.

The solution is managed on the cloud, and the software is installed directly onto the endpoint. The tool’s deployment is easy. You can download, install and run the solution. It is as simple as that. The tool also has deployment scripts in case you need them. The installation is pretty quick and you don’t need many resources to accomplish it. If you are planning a large deployment, then you can get scripts for the management tool.

I think there is ROI with the use of the solution. It doesn't take very long to get train someone to use the solution. Therefore, you can save on training costs. It has also stopped quite a few issues that could have turned worse.

The tool’s price is very good. You just need to pay for the standard license. However, you need to pay the additional cost for Microsoft Defender.

I would rate the solution an eight out of ten. The solution is extremely easy to use compared to other products. There are many other products with cumbersome portals that are difficult to use. It can be very difficult to teach new engineers how to use those platforms well.

I deploy Huntress to my mid-tier clients to leverage 24/7, 365 threat-hunting capabilities.

Huntress monitors for anomalous behaviors and detections that would otherwise be perceived as just noise and filters through that noise to pull out the important bits. It then alerts me with the remediation steps needed to fix those problems and offers to automatically deploy those fixes if I wish. This enables me to manage and monitor way more endpoints than I would normally be able to.

Huntress' best feature is the threat-hunting expertise that is part of their 24/7 SOC. They investigate anything they don't know about, and I've had things that look like benign detections returned to me as serious threats with advice on how to fix them.

Some of Huntress' reporting could be improved. Specifically, when we get a notification that something has been investigated and found benign, we don't get any information about which devices the issue was on. It's not until we get an actual action plan for a threat above a certain threshold or representing a certain compromise that we know exactly what device is involved. In the next release, Huntress should include better integration with AV or endpoint detection and other response solutions than Windows Defender.

I've been using Huntress for close to a year.

I would give Huntress a rating of nine out of ten. The only thing that rivals it is SentinelOne Complete when it's managed and monitored by a security operations center like the offering by OverWatch.