Today marks one year since Huntress announced the acquisition of Curricula, which is now Huntress Security Awareness Training. This acquisition was especially exciting for all the employees at Huntress—not just because security education is a key part of our mission, but as Curricula customers who had been taking the training ourselves, we loved the highly relatable and memorable stories. It was clear that the content would be effective with employees who might have a hard time believing that state-backed hackers were targeting them but who understand a mischievous (and very clever) kid would use hacker tactics to get concert tickets or as revenge for being deprived of ice cream.
On this one-year anniversary, we’d like to reflect on all the progress we’ve made with the Security Awareness Training product so far and what’s coming next.
What We’ve Learned From DeeDee
Huntress is probably best known for our security experts who protect over 2M endpoints. Our ThreatOps team sees real-world attacks in progress and contributes a great deal to the IT and cybersecurity communities through their technical education. But with new animators, illustrators, writers, and intel from our favorite hacker DeeDee, we saw an opportunity to help educate end users directly on the threats that ThreatOps sees in the real world.
Here are just a few things that the R&D team has been working on:
- Consulting on episodes to prioritize the most important threat vectors and make sure the guidance learners get are best practices
- Helping update existing content to keep up with the most relevant attacks
- Crafting a new simulated phishing scenario every month based on trends they are observing in the real world
Soon, customers and partners will also be able to sign up for Huntress Managed Learning Plans to have the ThreatOps R&D team assign relevant episodes to their learners every month.
Of course, building this high-quality content with stories, illustration, animation and original music takes a lot more work than throwing together a boring PowerPoint deck (that some other solutions do). To deliver more episodes without sacrificing quality, we’ve doubled the size of the creative team (including hiring an animator with his own IMDB page and 33 episodes of South Park under his belt).
Hiring top talent in animation, illustration and production art took some time, but we’re now able to deliver new content and episodes faster than ever before. Recently released episodes include:
- Ransomware 2 - Because the topic is important enough to warrant a new approach
- Insider Threat - A very relevant and important topic in cybersecurity
- Spear Phishing - Because DeeDee doesn’t just do mass phishing campaigns
- Suspicious Events - Rolling out now, this episode focuses on an important part of creating strong cybersecurity culture
We are also in the development of creating a Malvertising episode in response to the prevalence of the Quickbooks plugin scams our ThreatOps team has been finding in our managed EDR partner environments while kicking off work in HIPAA content for our healthcare customers.
Support, Product and Engineering Team Growth
We were fortunate to be able to keep everyone from the Curricula support team and even promote key team members. They have now cross-trained all of Huntress support to the entire Huntress team while staying on as subject matter experts. Even more importantly, they have been able to now set up weekly syncs with product engineering to follow up on bugs reported in the field and to point out areas of customer frustration for us to improve on. Of course, meetings aren’t worth much on their own unless engineering has the cycles to fix the bugs being brought up.
The engineering team (now part of the product team here at Huntress) has also doubled since the acquisition (see a theme here?). This has allowed us to fix bugs quickly and without delaying new features. We ended 2022 with a big bug squash, which has been felt by customers and partners alike. We have also been building out new features based on customer and partner needs.
New features now in production for all users include:
- Ability to sync active/inactive status from Google Workplace
- Improved logging and ability to preview learner syncs
- Application security improvements as part of Huntress’ internal processes and external pen-testing partner
- Learner UI improvements to help learners catch up on assignments
Work in progress:
- Learner group integrations with Microsoft 365 and Google Workplace switching to oauth authentication for faster onboarding
- Ability to ignore unlicensed Microsoft 365 learners in sync
- Ability to deposit messages directly into Microsoft 365 learners via API to eliminate the need for allow-listing
For MSPs and partners, we’ve done a major overhaul of the system and business model to introduce:
- New consumption-based billing model with improved multi-tenant portal
- Ability to log in from the Huntress portal
- Multi-tenant branding
- Multi-tenant custom content
- Multi-tenant phishing simulations
- Multi-tenant learning assignments
What’s Next on the Roadmap?
One of the core tenets of Huntress is to deliver managed solutions that solve real-world problems without adding significant maintenance overhead to already busy IT teams. After eliminating complexity in onboarding, we are going to apply this ethos to Security Awareness Training.
Huntress Managed Learning Plans are going to be made available for both MSPs with multi-tenant management and single-company customers. This means having the option to do a one-click ‘subscribe’ action to get new, relevant assignments monthly with zero action needed from admins. Of course, you can still manually assign any of our episodes or custom episodes you create yourself. We are also excited to dive into major reporting enhancements (including automated reports), delivering Huntress-managed simulated phishing, and further enhancing recovery training.
But as a customer and partner-driven company, we want to hear from you! Make feature requests on our feature request board, or just ask your account manager to set up time to talk to a product manager. We love hearing from you and learning how to help do a better job of protecting the 99% through powerful—and fun—security awareness training.