Cybersecurity agency Huntress has rolled out a pair of latest merchandise geared toward serving to companies shore up safety weaknesses earlier than attackers can exploit them, a shift from the reactive, detect-and-respond mannequin that has lengthy outlined the {industry}.
The corporate introduced Managed Endpoint Safety Posture Administration (ESPM) and Managed Id Safety Posture Administration (ISPM), increasing its platform to deal with what safety consultants say is likely one of the most persistent issues in enterprise safety: misconfigured methods that sit quietly weak till somebody exploits them.
The launch is the most recent step in an aggressive progress push for Huntress, which acquired id safety startup Inside Agent in November 2025. That deal, which introduced specialised experience in Microsoft 365 and Entra ID hardening into the fold, proved to be a fast-track to market. Huntress says it constructed Managed ISPM in below 4 months by drawing on Inside Agent’s capabilities and staff. In the meantime, Managed ESPM was constructed from the bottom up in parallel. The pace of each developments alerts how central posture administration has grow to be to Huntress’s broader platform technique.
The timing is notable. Huntress’s personal analysis discovered that abuse of distant monitoring and administration instruments surged 277% year-over-year, whereas almost 30% of all identity-based threats concerned mailbox manipulation or OAuth abuse, precisely the classes the brand new merchandise are designed to deal with. Ransomware teams and financially motivated menace actors have more and more relied on these vectors exactly as a result of they have an inclination to fall by means of the cracks of conventional endpoint safety instruments.
“Most organisations don’t have a transparent image of their safety posture, particularly throughout endpoints,” mentioned Gabe Knuth, Principal Analyst at Omdia. He famous that on common, a 3rd of office units are unmanaged, with greater than half utterly invisible to safety groups, creating a big blind spot that attackers are solely too joyful to use.
Managed ESPM is designed to provide IT groups management over which purposes can run throughout endpoints. Meaning blocking rogue remote-access instruments, a rising assault vector, implementing configuration requirements, and serving to groups prioritise vulnerability patching by means of a good integration with Microsoft Defender for Endpoint. A compliance reporting dashboard is in-built, with Huntress claiming it might probably minimize attestation time from days to minutes, a significant profit for organisations navigating frameworks like CMMC or CIS benchmarks.
Managed ISPM addresses the id facet, making use of safety insurance policies to Microsoft 365 environments based mostly on a mix of Microsoft’s steerage, {industry} requirements, and methods noticed in real-world assaults. It constantly scans Entra ID and Conditional Entry configurations for gaps. If an unauthorised change is detected, a typical tactic utilized by attackers to ascertain persistence after gaining entry, the product can routinely roll it again inside minutes, earlier than the foothold will be exploited.
What units each merchandise aside from legacy posture administration instruments, in keeping with Huntress, is the diploma to which the corporate’s safety operations centre absorbs the operational burden. Conventional instruments on this area are inclined to floor lengthy lists of findings and go away prospects to prioritise and remediate on their very own, a course of that calls for devoted safety experience most small and mid-sized organisations merely don’t have. Huntress says its analysts actively outline, deploy, and keep safety controls on behalf of purchasers, drawing on menace intelligence gathered from greater than 4 million protected endpoints and 10 million identities.
Chief Product Officer Prakash Ramamurthy framed the launch as a big enlargement of the corporate’s choices. “We see attackers exploiting the identical safety gaps time and again,” he mentioned. “We constructed Managed ESPM and Managed ISPM to shut these gaps earlier than attackers can exploit them. Prospects now get a complete agentic safety platform that not solely stops hackers from getting within the door, but in addition gives the industry-leading menace detection and response they depend on when adversaries do get previous controls.”
Early testers have been encouraging. Tzvi Shoop, a cybersecurity advisor at managed service supplier Digacore, mentioned trialing the endpoint product in the course of the alpha programme proved “transformational” for his staff, permitting Huntress to tackle the continuing work of sustaining consumer environments in a hardened state. He added that the corporate’s transparency all through the method had been a distinguishing issue.
Each merchandise are at the moment accessible by means of an early entry programme, with normal availability anticipated by summer season 2026. Huntress can be showcasing the brand new instruments at RSA Convention at sales space S-3301.
