A Decade of Huntress: Lessons Learned and Innovations Ahead

As the cybersecurity landscape becomes increasingly more volatile and threats rapidly change, cybersecurity firms remain key partners in the channel.

Huntress, a cybersecurity firm approaching its 10-year anniversary, continues its mission to help managed service providers (MSPs) meet the challenges of maintaining a secure posture and supporting in-house IT teams and security professionals.

Transition to multi-product company has paid off for security giant

Over the course of the decade, Huntress has transitioned from a single-product company to a multi-product company, with several lessons learned along the way.

Channel Insider caught up with Andrew Kaiser, VP of Sales at Huntress, to reflect on how far the organization has come and where it may be going.

“Three years ago, we made the transition from being a single product company … to being a multi-product company and the second product that we released was a security awareness training product that was via acquisition of a company called Curricula,” Kaiser said. “Then shortly after, we released a product that is now called ITDR or Identity Threat Detection Response. That was through our own R&D efforts. We learned a lot of lessons there. That it’s not always as easy as you think to transition from having one product to having multiple products.”

According to Kaiser, it took more than a year for Huntress to sell any of the security awareness training products, and this required a significant amount of learning from partners about what it truly takes to manage and deploy a program like this.

With the identity protection product, Kaiser explained that they had gotten it wrong to the extent that some of their partners were publicly telling them that they hadn’t done enough and were missing the mark.

“At one point, our CTO Chris [Bisnett], actually got on Reddit and admitted that: ‘Hey, you know, we dropped the ball here. We could do better, we should do better. You should hold us to a higher standard,’” Kaiser mentioned. “And happy to say now that the feedback on that identity product is overwhelmingly positive.”

Now, Huntress has over two million users that they’re protecting on the IDTR product.

Balancing the desire for perfection with the need for quick innovation

Understanding that the first iteration of what they release will not be the final version has been a guiding principle for how Huntress approaches its business now. It takes great feedback from partners in the community to ensure Huntress understands how big of a difference there might be between what they thought it might look like upon release, versus how people actually use it and what’s important to them.

“We’re really big on transparency so when we make a mistake– which we do– we like to fail in public and iterate quickly,” said Kaiser. “We’re never going to wait for something to be perfect before we ship it. We’re big believers in that if what you’re shipping is something that you think is pretty imperfect, then you probably shipped it too late.”

Kaiser added that they also learned a lot of lessons around how to ensure that they set expectations correctly and to be clear on what they can and can’t do, rather than just focusing on what they can do.

The emerging threats Huntress is keeping an eye on

Threat actors are becoming increasingly sophisticated, and new threats to organizations in cyberspace emerge daily, weekly, and monthly.

“The combination of the attacks being easier to pull off, the number of solutions that are out there to protect against them being a lot lower and a lot less budget being allocated towards those kind of solutions is kind of this perfect storm where ransomware is still a problem and businesses still need to be vigilant and make sure that their layers of endpoint security are protecting against it,” said Kaiser.

Huntress is finding that many companies are unequipped to handle identity-based attacks, costing people a significant amount of money.

Additionally, Kaiser said that he thinks the industry is going to have a crash course in trying to figure out how they’re going to battle threat actors that are using AI and deepfakes, and it is “still something that remains to be seen if you should be using AI to fight AI on the other side.”

Barriers for small MSPs and IT teams

These emerging threats in the industry are particularly dangerous to smaller MSPs and IT teams, as their resources are significantly more limited than those of large enterprises.

“Organizations of all sizes that are kind of under what we would call the cybersecurity poverty line, I would say that the majority of them are not ready to deal with attacks from yesterday– let alone start thinking about how to protect against the attacks of tomorrow when it comes to AI being part of those attacks,” Kaiser explained.

There are numerous tools available that offer impressive features and enhance cyber defense when used correctly, provided you have the time to manage them effectively. However, small businesses and mid-sized organizations have begun to allocate more resources to security.

“The challenge is most organizations, and this is 99 percent of companies out there, don’t have dedicated security teams,” Kaiser said. “They don’t have people that are watching the alerts that those tools spit out every day.”

Kaiser says that Huntress is trying to focus on building something not for the one percent, not for the enterprise that has the unlimited security budget, even though there’s a lot of money there. They want to focus on the other 99 percent of businesses that can’t make use of those tools that already exist.

Everything Huntress does has a managed component, focusing on how to take someone who has a huge amount of responsibility and make it easy for them to be the hero and solve some of the more complex security challenges.

The product future for Huntress: SIEM, posture management top list

Among the key focuses for Huntress going forward is the democratization of SIEM. They released their SIEM product last year, and it was centered on compliance and ensuring businesses that need to retain information and store it for compliance reasons or regulations had the ability to do so.

Kaiser says that Huntress has spent a lot of time more recently examining the benefits on the security efficacy side of things when a customer uses one of their tools with their SIEM tool.

“We’re really trying to get it to a point where there is a very easy case to be made to the small business owner or the mid-sized organization, IT leader or CFO of why you would deploy a SIEM tool in conjunction with one of the other endpoint or identity-based security products that we sell,” said Kaiser. And SIEM has been a really hard one I think for mid-sized organizations to justify if you don’t have that compliance or regulatory requirement.”

Another area Huntress is investing a lot of resources in right now is security posture management. Kaiser says there’s a trend he believes many organizations are falling into, where they spend a lot of money on tools and have a product that they have bought for everything. Still, they fail on many of the basic configurations and best practices that should be implemented before purchasing another layer of security.

Huntress has numerous plans to support partners and customers, both on the identity side and the endpoint, through its R&D efforts, potential acquisitions, and leadership additions.

Jen Easterly joins advisory board

The organization recently brought in former CISA Director Jen Easterly to join its Strategic Advisory Board.

Easterly will provide guidance on addressing critical security challenges faced by organizations and work closely with Huntress to transform its collected threat data into actionable insights and reports that educate the broader cybersecurity community.

“I’ve worked with countless organizations over the years, but Huntress stood out for its exceptional leadership, technical prowess, and unwavering commitment to a mission that truly matters,” Easterly said in a statement.

Kaiser emphasized that cybersecurity is a team sport and that attackers only have to get it right once, while defenders must get it right every single time. Over the last few years, collaboration between competing cybersecurity vendors has increased.

“We’re not going to win this alone by just being Huntress,” Kaiser said. “We’re going to win this by the industry getting together and realizing that there are too many businesses for us to protect that don’t have the resources to do this themselves. The only way we’re going to do that is if we continue to collaborate and kind of play outside of those competitive lines that maybe were a little bit more looked at a bunch of years ago.”

From one organization with a decade of serving the channel to one that is only a few months old, GTIA is working to solidify its footprint in the channel. Read more about GTIA’s latest announcements from ChannelCon.