Alice Chambers |
The Huntress 2025 Cyber Threat Report reveals a surge in sophisticated cyberattacks on businesses of all sizes and industries in 2024. Committed to defending organisations without enterprise budgets, cybersecurity firm Huntress helps all businesses secure their Microsoft environments, combat emerging threats like session theft and complement in-house security teams. Chris Bisnett, chief technology officer and co-founder of Huntress, explains how.
What is Huntress’s mission and primary goal?
We started in 2015 with three founders doing government contracts, but competing with big companies led us to ask: ‘Who are they not selling to, and why?’. Talking to businesses outside of large enterprises, we found that implementing cybersecurity measures was too expensive for them – not just buying and deploying the tools but also developing the expertise to manage them. That led us to an underserved market: businesses below the Fortune 500 that struggle to afford cybersecurity tools or hire experts yet remain prime targets for attacks.
For these businesses, cybersecurity isn’t a priority; it’s a burden. A restaurant owner, for example, is focused on taxes, not security. So, we built solutions tailored to their needs, helping them move above the cybersecurity poverty line.
How are you managing and protecting Microsoft environments?
We protect endpoints with our endpoint detection and response agent and collect logs into our security information and event management product to detect malicious activity. Over the past five years, we’ve focused on securing Microsoft 365 as more businesses migrate from on-premises solutions to the cloud. This shift removes traditional network firewalls, making security more complex. When files are accessible from anywhere, strong controls like multifactor authentication and conditional access are essential. We help businesses implement these measures to secure their workloads.
Huntress provides organisations with an overview of their security operations
Why is session theft a growing concern for cloud security, and how do you detect and respond to these breaches?
We focus on detecting and responding to security breaches. When attackers steal active sessions, often through phishing, they can access cloud data in Microsoft 365 and OneDrive without passwords. Instead of giving them time to exploit this, we alert customers immediately, shut down compromised sessions and force password resets to prevent further damage.
If a company already has a security operations centre team, how does Huntress add value to their security strategy?
We’re often asked, ‘if we use Huntress, what happens to our security team?’. My response is always ‘what else is on your cybersecurity to-do list?’. Companies have a long list of tasks but lack the resources to complete them. Huntress’s fully managed security solutions, combined with its 24/7 security operations centre fuelled by an elite team of threat hunters, oversee routine security alerts, freeing up skilled analysts for more complex work.
Another common question is, ‘if I use Microsoft Defender, why add Huntress?’. We believe in defence in depth. No single tool catches everything. Defender detects some threats we don’t, and vice versa. That’s why Microsoft partners exist. We enhance Defender’s data, layering it with our own insights to improve security management. Our experts then refine this approach, combining automation with human intelligence. It’s not about replacing Defender but strengthening it.
What have you achieved so far as part of the Microsoft Intelligent Security Association (MISA) initiative?
When Microsoft analysed its security product usage, it found that non-enterprise organisations weren’t using their licenses effectively because they didn’t know how to respond to alerts. Our role in the MISA initiative is to help these customers maximise their existing tools to crush hackers.
We’ve also integrated Microsoft’s security tools into our own. Today, we monitor and manage over 1.5 million endpoints, including Microsoft systems, helping our customers get real value from their investments.
Our partnership was solidified at Microsoft Ignite in November 2024, where Microsoft introduced a new SMB designation within the Microsoft Intelligent Security Association. This gives us access to exclusive security events and insights from Microsoft product managers, allowing us to align our services with their roadmap and strengthen the ‘better together’ approach.
Learn about Huntress’s endpoint detection and response solution on the Huntress website
Discover more insights like this in the Spring 2025 issue of Technology Record. Don’t miss out – subscribe for free today and get future issues delivered straight to your inbox.