H

Huntress

Managed security suite for MSPs: EDR, ITDR, SIEM, Defender, SAT.

Huntress is an MSP-native managed security suite. The pillars are Managed EDR (endpoint agent and Process Insights), Managed ITDR (identity threat detection for Microsoft 365 and Google Workspace), Managed SIEM (filtered log ingestion with the SOC reviewing the data), Managed Antivirus (a Defender management plane), and Managed Security Awareness Training. A 24x7 Security Operations Centre triages signals across all of those, confirms compromises, and delivers Incident Reports with concrete remediation steps. MSPs deploy it as the second-line detection layer alongside an RMM and a PSA.

Vendor website ↗
Beginner
Live

Huntress foundations

Settle into the self-paced cadence, name the escalation ceiling, then build the mental model of Huntress as a managed security platform with a 24/7 SOC. Read an Incident Report the right way round, recognise the four product surfaces, navigate the portal without acting on the wrong customer.

~88 min · 11 lessons
11 lessons
Start course
Intermediate
Live

Huntress operations

Daily Huntress work end to end. Onboard and offboard customers from documented runbooks, deploy and lifecycle the EDR agent across endpoints, triage EDR Incident Reports per the SOC's recommendation, and contain Critical incidents while escalating in parallel.

~304 min · 38 lessons
38 lessons
Builds on: Foundations
Start course
Advanced
Live

Huntress judgement and identity

Identity is the biggest blast radius on the platform. Work the ITDR compromise playbook end to end on Microsoft 365 and Google Workspace, triage Managed SIEM Incident Reports without drifting into detection-tuning, communicate cleanly to customers and the SOC, then run the capstone judgement framework against fifteen scored scenarios.

~315 min · 35 lessons
35 lessons
Builds on: Operations
Start course