Cybersecurity company Huntress has announced the general availability of its Managed Identity Security Posture Management (ISPM) service, expanding its Agentic Security Platform with tools that continuously identify and remediate identity security weaknesses across Microsoft 365 environments.
The launch follows an Early Access program involving more than 12,000 Microsoft 365 tenants, where Huntress says it uncovered widespread security issues that could leave organizations vulnerable to account takeovers, business email compromise, unauthorized access, and other identity-based attacks.
According to the company, the release also marks a milestone following its acquisition of Inside Agent less than a year ago, making Huntress the first vendor to offer what it describes as a fully managed Microsoft 365 identity security posture solution.
Early Access shows Microsoft 365 identity gaps
Data collected during the Early Access program highlighted that identity security gaps remain common across organizations.
Huntress said more than 60% of participating Microsoft 365 tenants lacked at least half of the recommended ISPM security controls.
The company also found that 66% of organizations were missing recommended multi-factor authentication (MFA) configurations, while 59% had insufficient restrictions on administrator accounts. Another 55% allowed standard users to perform administrative functions.
Misconfigurations, policy drift, and permissions still cause of many security gaps
To address those issues, Huntress said it deployed tens of thousands of security policies during the program, reporting a rollback rate of less than 0.04%.
“Security gaps caused by misconfigurations, over-permissioned users, and policy drift are more common than many teams realize, and closing them consistently takes the right combination of time, expertise, and tooling,” said Prakash Ramamurthy, chief product officer at Huntress.
“Managed ISPM was built to solve that challenge. In Early Access, it proved it can harden environments safely at scale, and General Availability builds on that with new capabilities that deliver broader coverage, easier onboarding, and smoother policy rollouts. With this product, we’re empowering customers to close identity security gaps we’ve seen that would otherwise turn into incidents, ease the burden on internal teams, and strengthen identity resilience without needing deep domain expertise.”
The company estimates that, if fully implemented, the security improvements introduced through Managed ISPM could have prevented 35% of the identity-related incidents detected by its Managed Identity Threat Detection and Response (ITDR) service over the past six months.
Huntress projects that the figure could increase to 80% by the end of the third quarter of 2026 as additional controls are introduced.
New features target deployment and policy risk
The general availability release expands the platform beyond its Early Access foundation by adding three major features.
Managed ISPM now extends beyond Microsoft Entra ID to include Microsoft Exchange, SharePoint, and Teams, allowing organizations to secure additional areas commonly targeted in business email compromise, privilege escalation, and data theft attacks.
Huntress has also introduced a Learning Mode feature that lets administrators preview which users would be affected before Conditional Access policies are enforced. The company says the capability is intended to reduce concerns about disrupting employees during security policy rollouts.
Another addition is Managed Deployments, through which Huntress guides customers in implementing security policies that are continuously updated using observed attacker techniques, Microsoft’s security recommendations, and industry standards.
Huntress continues to expand security platform
Managed ISPM becomes the latest addition to the Huntress Agentic Security Platform, which also includes endpoint detection and response, identity threat detection and response, security information and event management, security awareness training, and broader security posture management capabilities.
“When you’re supporting a company that’s grown from around 40 people to more than 150 in a year with only a two-person IT team, you need security that can keep up,” said Tarah Martin, IT Support Admin at Meade.
“Managed ITDR has given us confidence by stopping active identity-based threats, and Managed ISPM now gives us that same confidence by finding and fixing identity security gaps before they create incidents. Huntress Managed ISPM helped us see and address that we had more admin accounts than we thought, and understand the risk that created for our business. For a lean team like ours, that kind of visibility and follow-through helps us stay focused on the work that keeps the business growing.”
According to Huntress, the platform currently protects more than 5 million endpoints and 12 million identities worldwide through internal IT teams and managed service providers.