
Traditional SIEM products have long been a staple in large enterprises for aggregating and analyzing security logs. But their complexity, the sheer volume of data they generate, and their costs have made them largely inaccessible or impractical for the SMB market and the MSPs that serve it. Managed threat detection and response provider Huntress is looking to upend the traditional model with its Managed SIEM offering – a fully managed solution that removes these barriers and delivers much more than just compliance.
To drive that effort, Huntress announced the general availability (GA) of its new Managed Security Information and Event Management (SIEM) solution. The company believes its approach to SIEM will help democratize enterprise-grade cybersecurity, making essential capabilities like compliance support, investigation, detection, response, and threat hunting accessible to businesses of all sizes without the hefty price tags, resource drains, or headaches associated with traditional SIEM deployments.
Managed entirely by Huntress' expert 24/7 Security Operations Center (SOC), the solution gives MSPs and their customers the power to detect and neutralize threats earlier in the attack chain than they would with Endpoint Detection and Response (EDR) solutions alone. Huntress says a key benefit is the fast time to value experienced by customers, with experts monitoring their environment from day one. One case in point is an incident where the Huntress SOC discovered an RDP brute force attack less than 15 hours after deployment – faster than the average business.
“Security incidents can happen in minutes, and protection shouldn't be reserved only for companies with big budgets and teams,” said Chris Bisnett, CTO and Co-founder of Huntress. “SIEM providers talk a big game with promises of a single pane of glass, actionable visibility, and improved compliance and security posture, but the reality is complexity, noise, and soaring storage costs. We dropped the big data-lake mentality and built our SIEM to store only the data required for threat hunting and compliance. We are ready to unshackle security teams from lengthy integrations, customizing rules, and sifting through massive amounts of data looking for a needle in a haystack.”
With a mission to make enterprise-grade cybersecurity accessible to all companies, Huntress’ GA release includes new and expanded functionality:
- Enhanced log ingestion: With over 20 new integrations, Huntress Managed SIEM can now pull in data from a wider array of sources, including popular firewall, password management, and identity platforms like 1Password, Keeper Security, Fortinet, Palo Alto Networks, and many others.
- 24/7 detection, response, and threat hunting: Huntress’ elite SOC team provides constant vigilance, actively hunting for specific threat actor tradecraft to detect and neutralize even noisy but effective threats like RDP brute force attempts that often evade traditional defenses.
- Accelerated investigations: Expanded detection rules, rapid data rehydration capabilities, and enhanced search functionality enable the Huntress SOC to quickly investigate and remediate risks.
- Extended data retention: The solution offers data retention for up to seven years, supporting region-specific compliance requirements, financial auditing needs, PCI-DSS mandates, CMMC, and the Australian Signals Directorate’s Essential Eight.
- Predictable, stable pricing: Unlike traditional SIEMs with unpredictable storage costs, Huntress' pricing is based on its ability to intelligently store only the necessary data required for threat hunting, investigation, and compliance, making the solution more affordable for SMBs.
By leveraging the expertise of its SOC, which already monitors threats for millions of endpoints and identities, Huntress Managed SIEM provides a form of "herd immunity." Anything the SOC identifies and shuts down for one organization helps the company respond faster and more effectively for others, benefiting the entire Huntress partner ecosystem.
“Huntress Managed SIEM is incredibly beneficial as it seamlessly integrates information from firewalls, endpoints, and antivirus solutions, allowing us to see an incident's full scope, rather than just isolated parts. We have been able to get our clients up and running quickly and provide detailed assessments and actionable remediation steps. Ultimately, Huntress Managed SIEM is an invaluable tool for our business. I'd confidently recommend it to anyone looking to enhance their cybersecurity capabilities, ensure thorough incident analysis, and support rapid recovery efforts.” — Dan Paquette, President of Key Methods, a Huntress partner
At a time when businesses are more susceptible than ever to cyber threats – IT environments are becoming increasingly complex and threat actors are becoming more aggressive and savvy – Huntress hopes its Managed SIEM will deliver an opportunity to make robust cybersecurity accessible to all. By removing the traditional barriers of cost, complexity, and resource requirements, Huntress seeks to bring improved security postures to businesses so they can confidently navigate the ever-evolving threat landscape.
Edited by
Erik Linask