One issue is the managed antivirus. Huntress takes control of the antivirus built into Windows Defender, but it doesn't if, for some reason, Defender isn't working properly and doesn't attempt to fix it. We have to fix it with some scripts so that Defender reports correctly to Huntress. It would be nice if they took that action on our behalf. If they saw a problem with Defender, they should roll out a fix.
I had been requesting Huntress support for macOS for a while, and they recently rolled it out, making it generally available within two months. Having a regular support line would be good.
The existing features are perfect. However, I think they could add a more robust set of security features like dark web scanning, penetration testing, and risk assessment for clients. We would have one tool for everything. We wouldn't have to go to multiple vendors to pull something together. That would be more beneficial for us.
Huntress should have a more user-friendly interface because it takes some understanding to work our way through the interfaces. When you log in to the portal, there are many different categories to investigate. It would be good if the solution had a central alerts page to go to first rather than checking into all the categories to see if something needed to be addressed.
The integration with our RMM could be better. That's been one of the tougher things. Having more availability to integrate with RMM is what we need right now. Even though we can create a script, it doesn't always work as seamlessly as it should.
Not every time, but sometimes when we click on the remediation, the auto-resolution of the alert, the screen gets stuck, and I need to contact support so they can confirm the remediation was applied, and they have to close the ticket. Maybe they can add a way to remove unresponsive agents. For example, if I have a client with ten devices, and I deploy Huntress in those ten devices, and for some reason, one device has maybe two or three months offline or not running, maybe they can add automation to remove the agent after a certain amount of time. That way, I will not be paying for a device that has been offline. We do have audits to avoid this. However, it would be useful if the process was automated. In the beginning, we used other antiviruses. If you install SentinelOne or WebRoot, if you check the device, you will see Huntress is installed, however, you will see it is not doing anything since he other antivirus is installed. I know that Huntress has a beta version for Macs, so it is not fully deployed or released. We're waiting for the final version to use it on our Macs.
The pricing could always be lower, however, it already is good value for money. It would be ideal if they could create some incentives to help more partners get clients to onboard it. They should grow their market and spend a bit more time and effort on South Africa.
Senior Consultant at a tech services company with 11-50 employees
Real User
Top 20
2024-07-05T11:07:00Z
Jul 5, 2024
The product could be improved in terms of customization options available for reports. Specifically, there should be more granular control over report scheduling and the ability to include more specific information.
Cyber Security Engineer at Apex Computing Services Ltd
Real User
Top 20
2024-07-02T09:24:00Z
Jul 2, 2024
I'd like it if Huntress could scan for software that's out of date or has open vulnerabilities. That would be useful for us. Scanning for vulnerable software would be helpful. Also, we've set it up to create a ticket in our ticketing system when there's an alert. It would be nice if closing that ticket would also close the Huntress alert. It doesn't do that right now, but they're working on adding that feature.
The application control system could benefit from improvements in identifying and managing both whitelisted and blacklisted applications. Additionally, it would be valuable to have the ability to automatically lock down applications identified as potential threats.
CTO at a tech services company with 1-10 employees
Reseller
Top 20
2024-02-05T20:33:00Z
Feb 5, 2024
We need an API to automatically retrieve metrics and data about backend activity so we can generate client reports. We believe in comprehensive reporting and actively inform our clients about our efforts. Our daily, weekly, and monthly activity reports demonstrate our proactive approach. Currently, Huntress lacks an API to pull this data, hindering our ability to efficiently convey what happened in the past week, month, or quarter, and how it was addressed. An API solution would streamline reporting and enhance client transparency. In addition, we require an external recon report generation system. Ideally, we should be able to select a client and instantly generate a report with a single click. I expressed this need to one of Huntress' developers, emphasizing the importance of user-friendly report access. Such a system would significantly improve our workflow and communication with clients.
IT Engineer at a tech services company with 1-10 employees
Real User
Top 5
2023-03-29T10:25:00Z
Mar 29, 2023
The Huntress is not a standalone solution. It really needs to be used with something else such as Microsoft Defender or another antivirus solution. It would be nice to see the product fleshed out by the Huntress team and include the antivirus solution part as well. I want it to be a full-fledged XDR product. It would push the tool to a higher price range but it would be nice to see the fleshed out features. I want them to integrate more features from the XDR realm.
Some of Huntress' reporting could be improved. Specifically, when we get a notification that something has been investigated and found benign, we don't get any information about which devices the issue was on. It's not until we get an actual action plan for a threat above a certain threshold or representing a certain compromise that we know exactly what device is involved. In the next release, Huntress should include better integration with AV or endpoint detection and other response solutions than Windows Defender.
Hackers are constantly evolving, exploiting new vulnerabilities and dwelling in small business environments—until they meet Huntress. Discover the power of managed detection and response backed by ThreatOps.
One issue is the managed antivirus. Huntress takes control of the antivirus built into Windows Defender, but it doesn't if, for some reason, Defender isn't working properly and doesn't attempt to fix it. We have to fix it with some scripts so that Defender reports correctly to Huntress. It would be nice if they took that action on our behalf. If they saw a problem with Defender, they should roll out a fix.
I had been requesting Huntress support for macOS for a while, and they recently rolled it out, making it generally available within two months. Having a regular support line would be good.
The existing features are perfect. However, I think they could add a more robust set of security features like dark web scanning, penetration testing, and risk assessment for clients. We would have one tool for everything. We wouldn't have to go to multiple vendors to pull something together. That would be more beneficial for us.
Huntress should have a more user-friendly interface because it takes some understanding to work our way through the interfaces. When you log in to the portal, there are many different categories to investigate. It would be good if the solution had a central alerts page to go to first rather than checking into all the categories to see if something needed to be addressed.
The integration with our RMM could be better. That's been one of the tougher things. Having more availability to integrate with RMM is what we need right now. Even though we can create a script, it doesn't always work as seamlessly as it should.
Not every time, but sometimes when we click on the remediation, the auto-resolution of the alert, the screen gets stuck, and I need to contact support so they can confirm the remediation was applied, and they have to close the ticket. Maybe they can add a way to remove unresponsive agents. For example, if I have a client with ten devices, and I deploy Huntress in those ten devices, and for some reason, one device has maybe two or three months offline or not running, maybe they can add automation to remove the agent after a certain amount of time. That way, I will not be paying for a device that has been offline. We do have audits to avoid this. However, it would be useful if the process was automated. In the beginning, we used other antiviruses. If you install SentinelOne or WebRoot, if you check the device, you will see Huntress is installed, however, you will see it is not doing anything since he other antivirus is installed. I know that Huntress has a beta version for Macs, so it is not fully deployed or released. We're waiting for the final version to use it on our Macs.
The pricing could always be lower, however, it already is good value for money. It would be ideal if they could create some incentives to help more partners get clients to onboard it. They should grow their market and spend a bit more time and effort on South Africa.
The product could be improved in terms of customization options available for reports. Specifically, there should be more granular control over report scheduling and the ability to include more specific information.
I'd like it if Huntress could scan for software that's out of date or has open vulnerabilities. That would be useful for us. Scanning for vulnerable software would be helpful. Also, we've set it up to create a ticket in our ticketing system when there's an alert. It would be nice if closing that ticket would also close the Huntress alert. It doesn't do that right now, but they're working on adding that feature.
Their EDR can have increased coverage for Macintosh. They do not fully secure Macintosh computers.
The application control system could benefit from improvements in identifying and managing both whitelisted and blacklisted applications. Additionally, it would be valuable to have the ability to automatically lock down applications identified as potential threats.
We need an API to automatically retrieve metrics and data about backend activity so we can generate client reports. We believe in comprehensive reporting and actively inform our clients about our efforts. Our daily, weekly, and monthly activity reports demonstrate our proactive approach. Currently, Huntress lacks an API to pull this data, hindering our ability to efficiently convey what happened in the past week, month, or quarter, and how it was addressed. An API solution would streamline reporting and enhance client transparency. In addition, we require an external recon report generation system. Ideally, we should be able to select a client and instantly generate a report with a single click. I expressed this need to one of Huntress' developers, emphasizing the importance of user-friendly report access. Such a system would significantly improve our workflow and communication with clients.
The solution's UI is an area with certain shortcomings that need improvement.
The Huntress is not a standalone solution. It really needs to be used with something else such as Microsoft Defender or another antivirus solution. It would be nice to see the product fleshed out by the Huntress team and include the antivirus solution part as well. I want it to be a full-fledged XDR product. It would push the tool to a higher price range but it would be nice to see the fleshed out features. I want them to integrate more features from the XDR realm.
In the next release, I'd like to see more intuitive dashboards.
Some of Huntress' reporting could be improved. Specifically, when we get a notification that something has been investigated and found benign, we don't get any information about which devices the issue was on. It's not until we get an actual action plan for a threat above a certain threshold or representing a certain compromise that we know exactly what device is involved. In the next release, Huntress should include better integration with AV or endpoint detection and other response solutions than Windows Defender.