VCIO at a tech services company with 11-50 employees
MSP
Top 20
2025-01-10T19:56:00Z
Jan 10, 2025
There should be more engagement with the MSP group or their largest clients. They should have focus group discussions on what they can do to improve the product. A more transparent way for the support team at Huntress and our IT team to collaborate to make it faster and easier would be beneficial. It does not mean that the current support team is not doing its job, but if you look at the marketplace, the selling point of one of the competitors Blackpoint Cyber is a more cohesive work-as-a-team approach when it comes to support. I have heard that other MSP businesses using Blackpoint find it to be a much better experience in comparison to Huntress. While we are happy with Huntress, that is one area that everybody is saying can be improved.
One thing they could improve is evolving from an EDR to an MDR, like Blackpoint. This transition would enable automatic remediation of anything that looks dangerous, including within Microsoft 365. For instance, when one of my clients' Microsoft 365 account was breached, Blackpoint identified suspicious activity and disabled the account. It was in Dallas, and we are in California. Blackpoint knew something was wrong there, and they went in and disabled the account. Developing more automated remediation features would elevate them to an MDR level, but I understand that it might affect pricing. They are trying to keep it at a good price point because once they go to MDR, it is probably going to double the price. For now, I find the current features satisfactory, as they continue to add improvements. They have added security awareness training and then log collectors. They are adding pillars as they move along, and I assume they are going to have an option for MDR.
Installing Huntress on a Mac presents a challenge for end users due to the operating system's security features, which require administrator privileges for installation. Ideally, remote installation through an RMM tool would be seamless, but current limitations necessitate direct user intervention and admin rights. Streamlining this process for a more user-friendly experience would significantly enhance the product's appeal to Mac users.
The integration with Autotask could be improved. Currently, it doesn't classify the "installed product" or "configuration item," as they are called in Autotask, preventing automated handling. Additionally, updates could flow more seamlessly to Autotask. Overall, a more enhanced integration would be beneficial.
Managed Services Manager at a non-profit with 11-50 employees
Real User
Top 20
2024-12-27T15:34:00Z
Dec 27, 2024
We have been working on it, but their Rio agent has been having some issues trying to repair itself. I do not know how much of that is on their agent versus some of the things that we have had in place which might have complicated things. It could be due to our existing setups. Additionally, the alert emails differ in format, making automated processing in our PSA more challenging. The alert emails that they send out with the different portions of their product sometimes are not similarly formatted, which makes automatically processing those alerts a bit more difficult in our PSA.
Huntress has a cyber education platform, but it lacks all the languages we need. Since we support customers in different countries, expanding the language options for their training would be beneficial.
One issue is the managed antivirus. Huntress takes control of the antivirus built into Windows Defender, but it doesn't if, for some reason, Defender isn't working properly and doesn't attempt to fix it. We have to fix it with some scripts so that Defender reports correctly to Huntress. It would be nice if they took that action on our behalf. If they saw a problem with Defender, they should roll out a fix.
I had been requesting Huntress support for macOS for a while, and they recently rolled it out, making it generally available within two months. Having a regular support line would be good.
The existing features are perfect. However, I think they could add a more robust set of security features like dark web scanning, penetration testing, and risk assessment for clients. We would have one tool for everything. We wouldn't have to go to multiple vendors to pull something together. That would be more beneficial for us.
Huntress should have a more user-friendly interface because it takes some understanding to work our way through the interfaces. When you log in to the portal, there are many different categories to investigate. It would be good if the solution had a central alerts page to go to first rather than checking into all the categories to see if something needed to be addressed.
The integration with our RMM could be better. That's been one of the tougher things. Having more availability to integrate with RMM is what we need right now. Even though we can create a script, it doesn't always work as seamlessly as it should.
Not every time, but sometimes when we click on the remediation, the auto-resolution of the alert, the screen gets stuck, and I need to contact support so they can confirm the remediation was applied, and they have to close the ticket. Maybe they can add a way to remove unresponsive agents. For example, if I have a client with ten devices, and I deploy Huntress in those ten devices, and for some reason, one device has maybe two or three months offline or not running, maybe they can add automation to remove the agent after a certain amount of time. That way, I will not be paying for a device that has been offline. We do have audits to avoid this. However, it would be useful if the process was automated. In the beginning, we used other antiviruses. If you install SentinelOne or WebRoot, if you check the device, you will see Huntress is installed, however, you will see it is not doing anything since he other antivirus is installed. I know that Huntress has a beta version for Macs, so it is not fully deployed or released. We're waiting for the final version to use it on our Macs.
The pricing could always be lower, however, it already is good value for money. It would be ideal if they could create some incentives to help more partners get clients to onboard it. They should grow their market and spend a bit more time and effort on South Africa.
Senior Consultant at a tech services company with 11-50 employees
Real User
Top 20
2024-07-05T11:07:00Z
Jul 5, 2024
The product could be improved in terms of customization options available for reports. Specifically, there should be more granular control over report scheduling and the ability to include more specific information.
Cyber Security Engineer at Apex Computing Services Ltd
Real User
Top 10
2024-07-02T09:24:00Z
Jul 2, 2024
I'd like it if Huntress could scan for software that's out of date or has open vulnerabilities. That would be useful for us. Scanning for vulnerable software would be helpful. Also, we've set it up to create a ticket in our ticketing system when there's an alert. It would be nice if closing that ticket would also close the Huntress alert. It doesn't do that right now, but they're working on adding that feature.
The application control system could benefit from improvements in identifying and managing both whitelisted and blacklisted applications. Additionally, it would be valuable to have the ability to automatically lock down applications identified as potential threats.
CTO at a tech services company with 1-10 employees
Reseller
Top 20
2024-02-05T20:33:00Z
Feb 5, 2024
We need an API to automatically retrieve metrics and data about backend activity so we can generate client reports. We believe in comprehensive reporting and actively inform our clients about our efforts. Our daily, weekly, and monthly activity reports demonstrate our proactive approach. Currently, Huntress lacks an API to pull this data, hindering our ability to efficiently convey what happened in the past week, month, or quarter, and how it was addressed. An API solution would streamline reporting and enhance client transparency. In addition, we require an external recon report generation system. Ideally, we should be able to select a client and instantly generate a report with a single click. I expressed this need to one of Huntress' developers, emphasizing the importance of user-friendly report access. Such a system would significantly improve our workflow and communication with clients.
IT Engineer at a tech services company with 1-10 employees
Real User
Top 5
2023-03-29T10:25:00Z
Mar 29, 2023
The Huntress is not a standalone solution. It really needs to be used with something else such as Microsoft Defender or another antivirus solution. It would be nice to see the product fleshed out by the Huntress team and include the antivirus solution part as well. I want it to be a full-fledged XDR product. It would push the tool to a higher price range but it would be nice to see the fleshed out features. I want them to integrate more features from the XDR realm.
Some of Huntress' reporting could be improved. Specifically, when we get a notification that something has been investigated and found benign, we don't get any information about which devices the issue was on. It's not until we get an actual action plan for a threat above a certain threshold or representing a certain compromise that we know exactly what device is involved. In the next release, Huntress should include better integration with AV or endpoint detection and other response solutions than Windows Defender.
Huntress Managed EDR offers robust managed detection and response capabilities with 24/7 threat hunting, intuitive deployment, and proactive threat management for small to medium businesses.Huntress Managed EDR provides essential cybersecurity services to businesses by integrating seamlessly with existing tools like Microsoft Defender. Around-the-clock SOC expertise, proactive alerts, and automatic remediation define its core offerings. It effectively monitors threats, detecting footholds and...
There should be more engagement with the MSP group or their largest clients. They should have focus group discussions on what they can do to improve the product. A more transparent way for the support team at Huntress and our IT team to collaborate to make it faster and easier would be beneficial. It does not mean that the current support team is not doing its job, but if you look at the marketplace, the selling point of one of the competitors Blackpoint Cyber is a more cohesive work-as-a-team approach when it comes to support. I have heard that other MSP businesses using Blackpoint find it to be a much better experience in comparison to Huntress. While we are happy with Huntress, that is one area that everybody is saying can be improved.
One thing they could improve is evolving from an EDR to an MDR, like Blackpoint. This transition would enable automatic remediation of anything that looks dangerous, including within Microsoft 365. For instance, when one of my clients' Microsoft 365 account was breached, Blackpoint identified suspicious activity and disabled the account. It was in Dallas, and we are in California. Blackpoint knew something was wrong there, and they went in and disabled the account. Developing more automated remediation features would elevate them to an MDR level, but I understand that it might affect pricing. They are trying to keep it at a good price point because once they go to MDR, it is probably going to double the price. For now, I find the current features satisfactory, as they continue to add improvements. They have added security awareness training and then log collectors. They are adding pillars as they move along, and I assume they are going to have an option for MDR.
Installing Huntress on a Mac presents a challenge for end users due to the operating system's security features, which require administrator privileges for installation. Ideally, remote installation through an RMM tool would be seamless, but current limitations necessitate direct user intervention and admin rights. Streamlining this process for a more user-friendly experience would significantly enhance the product's appeal to Mac users.
The integration with Autotask could be improved. Currently, it doesn't classify the "installed product" or "configuration item," as they are called in Autotask, preventing automated handling. Additionally, updates could flow more seamlessly to Autotask. Overall, a more enhanced integration would be beneficial.
We have been working on it, but their Rio agent has been having some issues trying to repair itself. I do not know how much of that is on their agent versus some of the things that we have had in place which might have complicated things. It could be due to our existing setups. Additionally, the alert emails differ in format, making automated processing in our PSA more challenging. The alert emails that they send out with the different portions of their product sometimes are not similarly formatted, which makes automatically processing those alerts a bit more difficult in our PSA.
Huntress has a cyber education platform, but it lacks all the languages we need. Since we support customers in different countries, expanding the language options for their training would be beneficial.
One issue is the managed antivirus. Huntress takes control of the antivirus built into Windows Defender, but it doesn't if, for some reason, Defender isn't working properly and doesn't attempt to fix it. We have to fix it with some scripts so that Defender reports correctly to Huntress. It would be nice if they took that action on our behalf. If they saw a problem with Defender, they should roll out a fix.
I had been requesting Huntress support for macOS for a while, and they recently rolled it out, making it generally available within two months. Having a regular support line would be good.
The existing features are perfect. However, I think they could add a more robust set of security features like dark web scanning, penetration testing, and risk assessment for clients. We would have one tool for everything. We wouldn't have to go to multiple vendors to pull something together. That would be more beneficial for us.
Huntress should have a more user-friendly interface because it takes some understanding to work our way through the interfaces. When you log in to the portal, there are many different categories to investigate. It would be good if the solution had a central alerts page to go to first rather than checking into all the categories to see if something needed to be addressed.
The integration with our RMM could be better. That's been one of the tougher things. Having more availability to integrate with RMM is what we need right now. Even though we can create a script, it doesn't always work as seamlessly as it should.
Not every time, but sometimes when we click on the remediation, the auto-resolution of the alert, the screen gets stuck, and I need to contact support so they can confirm the remediation was applied, and they have to close the ticket. Maybe they can add a way to remove unresponsive agents. For example, if I have a client with ten devices, and I deploy Huntress in those ten devices, and for some reason, one device has maybe two or three months offline or not running, maybe they can add automation to remove the agent after a certain amount of time. That way, I will not be paying for a device that has been offline. We do have audits to avoid this. However, it would be useful if the process was automated. In the beginning, we used other antiviruses. If you install SentinelOne or WebRoot, if you check the device, you will see Huntress is installed, however, you will see it is not doing anything since he other antivirus is installed. I know that Huntress has a beta version for Macs, so it is not fully deployed or released. We're waiting for the final version to use it on our Macs.
The pricing could always be lower, however, it already is good value for money. It would be ideal if they could create some incentives to help more partners get clients to onboard it. They should grow their market and spend a bit more time and effort on South Africa.
The product could be improved in terms of customization options available for reports. Specifically, there should be more granular control over report scheduling and the ability to include more specific information.
I'd like it if Huntress could scan for software that's out of date or has open vulnerabilities. That would be useful for us. Scanning for vulnerable software would be helpful. Also, we've set it up to create a ticket in our ticketing system when there's an alert. It would be nice if closing that ticket would also close the Huntress alert. It doesn't do that right now, but they're working on adding that feature.
Their EDR can have increased coverage for Macintosh. They do not fully secure Macintosh computers.
The application control system could benefit from improvements in identifying and managing both whitelisted and blacklisted applications. Additionally, it would be valuable to have the ability to automatically lock down applications identified as potential threats.
We need an API to automatically retrieve metrics and data about backend activity so we can generate client reports. We believe in comprehensive reporting and actively inform our clients about our efforts. Our daily, weekly, and monthly activity reports demonstrate our proactive approach. Currently, Huntress lacks an API to pull this data, hindering our ability to efficiently convey what happened in the past week, month, or quarter, and how it was addressed. An API solution would streamline reporting and enhance client transparency. In addition, we require an external recon report generation system. Ideally, we should be able to select a client and instantly generate a report with a single click. I expressed this need to one of Huntress' developers, emphasizing the importance of user-friendly report access. Such a system would significantly improve our workflow and communication with clients.
The solution's UI is an area with certain shortcomings that need improvement.
The Huntress is not a standalone solution. It really needs to be used with something else such as Microsoft Defender or another antivirus solution. It would be nice to see the product fleshed out by the Huntress team and include the antivirus solution part as well. I want it to be a full-fledged XDR product. It would push the tool to a higher price range but it would be nice to see the fleshed out features. I want them to integrate more features from the XDR realm.
In the next release, I'd like to see more intuitive dashboards.
Some of Huntress' reporting could be improved. Specifically, when we get a notification that something has been investigated and found benign, we don't get any information about which devices the issue was on. It's not until we get an actual action plan for a threat above a certain threshold or representing a certain compromise that we know exactly what device is involved. In the next release, Huntress should include better integration with AV or endpoint detection and other response solutions than Windows Defender.