Huntress for the engineer running the deployment
Designing exclusions without blind spots, managing Defender from the Huntress console, enabling ITDR for a Microsoft 365 tenant, running an SAT campaign, and routing alerts into the PSA so nothing falls through the cracks.
Lessons
- 01 ~9 minPolicy and exclusion design without blind spots
Where Huntress is policy-driven and where it isn't, the inheritance model for Managed Defender exclusions, and a discipline for adding exclusions that don't undo the protection you're paying for.
- 02 ~9 minHuntress as a Defender management plane
Recommended Defaults vs partner overrides, the Defender status mapping, the policy-compliance model, and what Huntress can and can't do about Tamper Protection.
- 03 ~10 minEnabling ITDR for a Microsoft 365 tenant
The direct-integration path, what permissions get granted, the data-flow lag, the Identity Security Assessment Report, and the gotchas, GCC High, third-party MFA, and the "all users billable" model.
- 04 ~9 minRunning a Security Awareness Training campaign
How Huntress SAT divides Learners, Assignments, and Phishing campaigns; the allowlisting prerequisite; the baseline-then-trend metrics that make a campaign defensible to the customer.
- 05 ~9 minPSA and RMM integration without the sprawl
One-PSA-at-a-time, the Organization Mapping problem, automatic mapping, sending test tickets, and what closes the loop when the SOC remediates an incident.
- Final quiz
Test what you learned. Wrong answers are explained on the spot.