[{"_1":2,"_1770":-5,"_1771":-5},"loaderData",{"_3":4,"_7":8},"root",{"_5":6},"preprod",false,"routes/blog._index",{"_9":10,"_157":255,"_273":274,"_335":336,"_337":338,"_1145":1146,"_1147":51,"_1148":1149,"_1150":1151},"page",{"_11":12,"_13":14,"_15":16,"_17":18,"_19":19,"_20":21,"_34":35,"_45":46,"_47":48,"_49":12,"_50":51,"_52":53,"_54":55,"_56":57,"_58":59,"_60":61,"_172":252,"_253":254},"createdDate",1737878647415,"id","65f3299e49a461b4b9c7296a","name","Blog","modelId","3fa669f9656b425bbe84446dd9c5a7cd","published","meta",{"_22":23,"_24":6,"_25":9,"_26":27},"lastPreviewUrl","https://prod.huntress.com/blog?builder.space=3eb6f92aedf74f109c7b4b0897ec39a8&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditCode%2CeditDesigns%2Cadmin%2CeditLayouts%2CeditLayers%2CeditContentPriority&builder.user.role.name=Admin&builder.user.role.id=admin&builder.cachebust=true&builder.preview=page&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.page=65f3299e49a461b4b9c7296a&builder.overrides.65f3299e49a461b4b9c7296a=65f3299e49a461b4b9c7296a&builder.overrides.page:/blog=65f3299e49a461b4b9c7296a&builder.options.includeRefs=true&builder.options.enrich=true&builder.options.locale=Default","hasLinks","kind","breakpoints",{"_28":29,"_30":31,"_32":33},"xsmall",479,"small",767,"medium",991,"query",[36],{"_37":38,"_39":40,"_41":42,"_43":44},"@type","@builder.io/core:Query","property","urlPath","operator","is","value","/blog","variations",{},"lastUpdated",1747062560084,"firstPublished","testRatio",1,"screenshot","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fb7f93b4988dd4be9b2f279c5db6b8eda","createdBy","Kz459QsZDzNpORbTSiA9L6WRQc23","lastUpdatedBy","XBN8lOXr7QMH6JvQimte3OCtO6c2","folders",[],"data",{"_62":63,"_64":65,"_66":67,"_68":63,"_69":70,"_71":63,"_72":73,"_77":44,"_74":63,"_78":79,"_80":81,"_82":83,"_84":85,"_100":101,"_243":244},"title","","openGraphImage","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F28e05784f2584d25824e4b27c802f97a","openGraphDescription","Cybersecurity is dynamic and ever-changing. Stay up-to-date with the latest information about cyber threats, vulnerabilities, and news on the Huntress blog.","metaDescription","slug","blog","titleTag","metadata",{"_74":67,"_64":75,"_62":76},"description","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F78060584ce444ba5a726170f7951a8ec","Huntress Blog","url","sitemapIndexing",true,"openGraphTitle","Huntress Blog | Huntress","contentTagCategories","DEPRECATED","contentTags",{"_86":87,"_88":89,"_90":91,"_92":93,"_94":95,"_96":97,"_98":99},"funnelStageTags",[],"regionTags",[],"aiGeneratedContentTags",[],"audienceTags",[],"industryTags",[],"productTags",[],"repurposedContentTags",[],"blocks",[102,188,197,220],{"_37":103,"_104":105,"_13":106,"_107":108,"_174":175},"@builder.io/sdk:Element","@version",2,"builder-4304305f148848f68b3ca6d6c71746ce","component",{"_15":109,"_110":111},"BlogFeatureBannerSection","options",{"_112":113,"_120":76,"_121":122,"_123":79,"_124":125},"breadcrumbs",[114,119],{"_115":116,"_117":118},"levelText","Home","levelLinkUrl","/",{"_115":16},"heading","summary","

Welcome to the Huntress Cybersecurity Blog, your go-to spot for staying ahead of\n hackers and boosting your cybersecurity savviness. Our\n blog contributors have focused on\n making cybersecurity education engaging and accessible for everyone.

","showFeaturedBlog","featuredBlog",{"_37":126,"_13":127,"_128":129,"_43":130},"@builder.io/core:Reference","67a67e43a1912da0aa6bde9c","model","blog-posts",{"_34":131,"_58":132,"_11":133,"_13":127,"_15":134,"_17":135,"_19":19,"_20":136,"_60":138,"_45":170,"_47":171,"_49":133,"_50":51,"_54":55,"_56":55,"_172":173},[],[],1742717076617,"Huntress 2025 Cyber Threat Report: Proliferating RATs, Evolving Ransomware, and Other Findings","beafe50240af45639f2b59e6aefd89f9",{"_26":137,"_22":63,"_25":60},{"_28":29,"_30":31,"_32":33},{"_139":-5,"_15":134,"_140":141,"_142":79,"_72":143,"_148":149,"_155":156,"_157":158,"_164":165,"_69":166,"_167":168,"_121":169},"lastUpdatedDate","canonicalUrl","https://www.huntress.com/blog/huntress-2025-cyber-threat-report-proliferating-rats-evolving-ransomware-and-other-findings","featured",{"_144":6,"_62":145,"_146":6,"_74":147},"noFollow","2025 Cybersecurity Threat Report: Proliferating RATs, Evolving Ransomware, and Other Findings | Huntress","noIndex","Huntress’ 2025 Cyber Threat Report is here! Explore the year's biggest threats—RATs, phishing, ransomware—and how evolving tactics demand smarter defense.","authors",[150],{"_151":152},"author",{"_37":126,"_13":153,"_128":154},"66048598851912ddf28adf1a","people","publishDate","2025-02-11T00:00:00.000Z","categories",[159],{"_160":161},"category",{"_37":126,"_13":162,"_128":163},"65f3299e49a461b4b9c72e4d","blog-categories","thumbnail","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Ffc25dbb530b84cb79bc232519d83b123?format=webp","huntress-2025-cyber-threat-report-proliferating-rats-evolving-ransomware-and-other-findings","content","

At Huntress, we like to wreck hackers. But to take them down, we first have to understand how they operate. That’s why we created the 2025 Cyber Threat Report—an in-depth exploration of the nasty tactics, trends, and techniques reshaping cybersecurity today.

Here, we highlight key findings from the past year, offering a snapshot of the malicious strategies our analysts uncovered. Whether you’re an IT professional, cybersecurity practitioner, or business owner, these insights can provide actionable guidance to help you stay one step ahead of ever-evolving cyber threats.

Top takeaways from the 2025 Cyber Threat Report

Throughout 2024, Huntress' threat analysts looked at data from thousands of organizations and millions of endpoints, revealing the key trends that show how adaptable and relentless today’s malicious hackers are.

Remote access trojans (RATs) are more popular: Over 75% of remote access incidents utilized RATs such as AsyncRAT and Jupyter. These tools are becoming more sophisticated, making multilayered defenses like endpoint detection and response (EDR) essential.
Remote monitoring and management (RMM) tools are being exploited. Attackers are weaponizing legitimate software like TeamViewer and LogMeIn to facilitate lateral movement and maintain long-term access to systems. For environments that use RMM tools, we highly suggest increasing vigilance, enhancing access controls, and closely monitoring your tools.
Ransomware strategies are evolving: Attacks are shifting from traditional encryption to data theft and extortion. Groups like RansomHub and Akira now incentivize stolen data with big rewards, making these tactics quite lucrative. The future may see ransomware operators leaning even more into extortion (or double extortion) strategies—a trend driven by the efficacy of EDR solutions and mounting pressure from government takedown efforts.
“Living off the land” techniques are on the rise: Threat actors are doubling down on using legitimate tools like Sysinternals Suite and LOLBins to evade detection. Organizations must remove unnecessary software and enforce strict execution policies to mitigate this threat.
Phishing tactics are becoming more advanced: From QR code phishing to brand impersonation, threat actors are deploying clever methods to outsmart traditional email security. Improving security awareness training and implementing layered defenses are more essential than ever to counter these sophisticated techniques.

How these trends took shape in 2024

The findings from our 2025 Cyber Threat Report are grounded in real-world data with a comprehensive view of how malicious hackers operate today. Our threat analysts observed patterns across industries like healthcare, education, government, and manufacturing, and these growing trends stood out:

Infostealers are gaining momentum: Nearly 24% of incidents involved infostealers designed to extract sensitive credentials, financial data, and other private information.
Malicious scripts are surging: Scripts made up 22% of detected attacks, using PowerShell, VBScript, and JavaScript to perform stealthy, efficient attacks.
Ransomware is fragmenting: Despite takedowns of large groups like Hive and LockBit, smaller, flexible affiliates have risen to fill the gap. Unfortunately, this led to more unpredictable, widespread attacks.

\"Industries — Industries targeted by percentage

Why these findings matter

The 2024 cybersecurity landscape exposes a simple yet alarming truth: threat actors aren’t slowing down. Because hackers' tactics and tools are evolving, you must take a proactive approach that prioritizes awareness, preparation, and consistent upgrades to defense strategies.

Understanding the tactics outlined in this report is the first essential step. By educating your teams, using multiple layers of security, and staying informed about emerging risks, you and your organization will be ready to take on any challenges that come your way.

\"Huntress — *Huntress 2025 Cyber Threat Report*

Get more from the report and stay one step ahead

The insights from our 2025 Cyber Threat Report spotlight the critical need to stay ahead of malicious hackers. With tools like RMM software and phishing techniques becoming more advanced, protecting data, systems, and users is an ongoing battle—but one you can win.

While there’s no one-size-fits-all solution, embracing layered defenses, removing unnecessary vulnerabilities, and training your team to spot threats are actionable steps everyone should take right now.

Download the entire 2025 Cyber Threat Report to gain a deeper understanding of these trends and learn more strategies for keeping your organization safe.

","

",{},1744303952880,"rev","f8kf3nq2w8","responsiveStyles",{"_176":177},"large",{"_178":179,"_180":181,"_182":183,"_184":185,"_186":187},"display","flex","flexDirection","column","position","relative","flexShrink","0","boxSizing","border-box",{"_37":103,"_104":105,"_13":189,"_107":190,"_174":195},"builder-4c139472c097464e87c1ec73f00f7381",{"_15":191,"_110":192},"BlogListSection",{"_193":194},"pageSize",15,{"_176":196},{"_178":179,"_180":181,"_182":183,"_184":185,"_186":187},{"_37":103,"_104":105,"_13":198,"_107":199,"_174":218},"builder-09dcd692cdf94623b83c105f1fac9802",{"_15":200,"_110":201},"BlogSignupSection",{"_120":202,"_121":203,"_204":205,"_206":207},"Sign Up for Huntress Updates","Get insider access to Huntress tradecraft, killer events, and the freshest blog updates.","image","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fcb5efa5143804ba59d530a903d29fe5f","blogSignupForm",{"_208":209,"_210":6,"_211":212,"_213":214,"_215":6,"_216":6,"_217":6},"formId","wf-form-Blog-Signup-Form","showFormTitle","submitButtonText","Submit","hubspotFormId","5198e52f-a296-4d78-935d-fe864d69a67a","showBlueGreenGradient","showBluePurpleGradient","useNeverBounce",{"_176":219},{"_178":179,"_180":181,"_182":183,"_184":185,"_186":187},{"_13":221,"_37":103,"_222":223,"_224":225,"_174":235},"builder-pixel-j5pghhp8noo","tagName","img","properties",{"_226":227,"_228":229,"_230":63,"_231":232,"_233":185,"_234":185},"src","https://cdn.builder.io/api/v1/pixel?apiKey=3eb6f92aedf74f109c7b4b0897ec39a8","aria-hidden","true","alt","role","presentation","width","height",{"_176":236},{"_234":185,"_233":185,"_178":237,"_238":185,"_239":240,"_241":242},"inline-block","opacity","overflow","hidden","pointerEvents","none","state",{"_245":176,"_246":247},"deviceSize","location",{"_248":44,"_249":250,"_34":251},"pathname","path",[70],{},"qmu6woa7b3","template","huntress",[256,259,261,264,267,270],{"_13":257,"_15":258},"65f3299e49a461b4b9c72e33","Business Growth",{"_13":162,"_15":260},"Cybersecurity Education",{"_13":262,"_15":263},"65f3299e49a461b4b9c72e34","Cybersecurity Trends",{"_13":265,"_15":266},"65f3299e49a461b4b9c72e8a","Huntress News",{"_13":268,"_15":269},"65f3299e49a461b4b9c72e32","Response to Incidents",{"_13":271,"_15":272},"65f3299e49a461b4b9c72e31","Threat Analysis","featuredBlogPost",{"_13":275,"_15":276,"_60":277},"65f3299e49a461b4b9c7292a","Navigating the SMB Threat Landscape: Key Insights from Huntress’ SMB Threat Report",{"_69":278,"_164":279,"_157":280,"_155":307,"_139":-5,"_148":308,"_142":79},"navigating-the-smb-threat-landscape-key-insights-from-huntress-smb-threat-report","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F25d75ed735a34023a4e0b3e874210f25",[281,295],{"_160":282},{"_37":126,"_13":162,"_128":163,"_43":283},{"_13":162,"_15":260,"_19":19,"_11":284,"_17":285,"_60":286,"_172":294},1739997399371,"b7b51689bde4424484bccde4b9ee6d6b",{"_15":260,"_69":287,"_72":288,"_291":289,"_68":290,"_140":292,"_74":293},"cybersecurity-education",{"_62":289,"_74":290},"Cybersecurity Education Blog Posts | Huntress","Read more about Cybersecurity Education in these Huntress blog posts. ","metaTitle","https://www.huntress.com/blog-categories/cybersecurity-education","

Cybersecurity education should be accessible and actionable, not jargony. Welcome to your hub for mastering the fundamentals and beyond. Get education and advice from our experts to deepen your knowledge and stay ahead of cyber threats—made for all levels.

","jw8tgfqc8co",{"_160":296},{"_37":126,"_13":262,"_128":163,"_43":297},{"_13":262,"_15":263,"_19":19,"_11":298,"_17":285,"_60":299,"_172":306},1739997399701,{"_15":263,"_69":300,"_72":301,"_291":302,"_68":303,"_140":304,"_74":305},"cybersecurity-trends",{"_62":302,"_74":303},"Cybersecurity Trends Blog Posts | Huntress","Read more about Cybersecurity Trends in these Huntress blog posts. ","https://www.huntress.com/blog-categories/cybersecurity-trends","

Stay a step ahead with insights into the latest developments shaping the cybersecurity landscape. From emerging threats to breakthrough technologies, we analyze how these trends impact your security strategy so you can adapt your defenses accordingly.

","8lsprecwsbi","November 21, 2023",[309],{"_151":310},{"_37":126,"_13":153,"_128":154,"_43":311},{"_13":153,"_15":312,"_19":19,"_11":313,"_17":314,"_60":315,"_172":334},"Team Huntress",1742719371598,"d50b5ec346a64579b280b4104dca236e",{"_15":312,"_69":316,"_72":317,"_320":321,"_322":-5,"_323":324,"_325":326},"team-huntress",{"_62":318,"_74":319,"_146":6,"_144":6},"Team Huntress | Huntress","Read blog posts written by the amazing Huntress team on the Huntress Blog.","profileImage","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F94d27b5ca67c40d698b6b9f3f52bc4dc","profileImageAltText","bioDetail","

These resources have been written by some of the fantastic experts on our team. And if they’re at Huntress they’re probably ethical badasses who enjoy working every day to protect small and medium-sized businesses.

Our authors often come from backgrounds in gaming, tech innovation, IT, military intelligence, and a mix of unrelated but awesome careers like teaching, baking, music, law, and graphic design, just to name a few.

We’re a diverse team of pros who love hunting down threats, identifying trends, and writing about what we’re seeing so that everyone can benefit.

Meet more Huntress authors here.

‍

","groups",[327,331],{"_328":329},"group",{"_37":126,"_13":330,"_128":325},"00d1d80145b14a6b87c45567b169a8f4",{"_328":332},{"_37":126,"_13":333,"_128":325},"babc0d8823f34ab894a4431d5b302dc7","b5u9wpkovbm","builderApiKey","3eb6f92aedf74f109c7b4b0897ec39a8","blogPosts",[339,427,542,579,604,712,778,849,879,923,959,984,1029,1074,1100],{"_13":340,"_15":341,"_60":342},"bb398ec6bf0a4987aceb7e74e0545469","Huntress Threat Advisory: The Dangers of Storing Unencrypted Passwords",{"_69":343,"_164":344,"_157":345,"_155":358,"_148":359,"_139":-5,"_425":426},"dangers-of-storing-unencrypted-passwords","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F609f802aaf4d46b8bf95ff59010aeaf5",[346],{"_160":347},{"_37":126,"_13":271,"_128":163,"_43":348},{"_13":271,"_15":272,"_19":19,"_11":349,"_17":285,"_60":350,"_172":357},1739997400726,{"_15":272,"_69":351,"_72":352,"_291":353,"_68":354,"_140":355,"_74":356},"threat-analysis",{"_62":353,"_74":354},"Threat Analysis Blog Posts | Huntress","Read our Threat Analyses in these Huntress blog posts. ","https://www.huntress.com/blog-categories/threat-analysis","

Dive in and nerd out with us on current and emerging cybersecurity threats. We cover attack vectors, threat actors, and new vulnerabilities, providing insights to help you understand and counteract these risks.

","7hskq9iv9la","September 15, 2025",[360,395],{"_151":361},{"_37":126,"_13":362,"_128":154,"_43":363},"bdc2edc788aa4f178528a4ae4f4061d7",{"_11":364,"_13":362,"_15":365,"_17":314,"_19":19,"_20":366,"_34":368,"_60":369,"_45":388,"_47":389,"_49":390,"_50":51,"_54":391,"_56":392,"_58":393,"_172":394},1747415478119,"Michael Elford",{"_25":60,"_26":367,"_22":63},{"_28":29,"_30":31,"_32":33},[],{"_322":365,"_370":371,"_320":372,"_15":365,"_373":374,"_69":375,"_376":377,"_378":379,"_380":381,"_72":382,"_325":385},"companyName","Huntress","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fc8e8f3522d004de8b46bac357fbd18a3","lastName","Elford","michael-elford","linkedInUrl","https://www.linkedin.com/in/michael-elford-2a342b8a/","firstName","Michael","jobTitle","Security Operations Analyst, APAC",{"_62":383,"_74":384},"Michael Elford | Huntress","Read blog posts from Michael Elford on the Huntress Blog. ",[386],{"_328":387},{"_37":126,"_13":330,"_128":325},{},1757951427232,1747415548400,"rqPhimgdOfVCrDCbaxcCVZPJeJc2","ksrtPDlNQGhJESnopKjn4sdUP2x1",[],"3e4t27mhbf5",{"_151":396},{"_37":126,"_13":397,"_128":154,"_43":398},"66048bf3351a788121c616ae",{"_34":399,"_58":400,"_11":401,"_13":397,"_15":402,"_17":314,"_19":19,"_20":403,"_60":405,"_45":421,"_47":422,"_49":401,"_50":51,"_54":423,"_56":423,"_172":424},[],[],1742719368644,"Chad Hudson",{"_26":404,"_25":60,"_22":63},{"_28":29,"_30":31,"_32":33},{"_380":406,"_15":402,"_322":-5,"_320":407,"_323":408,"_376":409,"_72":410,"_370":371,"_413":414,"_69":415,"_325":416},"Senior Hunt & Response Analyst","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F833407826677436f8a7753fbb9f0b3ea","

Turning childhood curiosity into cybersecurity expertise.

Chad Hudson's journey into the world of computers began at a young age, inspired by his father's passion for technology. \"I had always been around computers while growing up,\" Chad recalls. \"My dad was an avid hobbyist into computers and tech. Eventually, it rubbed off onto me and I started copying him as a child and got involved with computers.\"

At Huntress, Chad specializes in the Security Operations Center (SOC) and Hunt & Response. His role involves staying vigilant against cyber threats and responding swiftly to security incidents targeting small and medium-sized businesses. \"Working at Huntress gives me all the warm and fuzzies, knowing we're out here being the cyber 'superheroes' for the SMBs,\" he says. \"It's satisfying waking up each day knowing we're the ones stopping threat actors attempting to punish hardworking companies for a quick buck.\"

What's your favorite cybersecurity tip, Chad?

\"Think before you click. Working in a SOC and contributing to the hunts, a main method I see users falling for is social engineering attacks such as phishing. It's better to take your time when reviewing your emails, going to web pages, and downloading content. In the long run, a few extra seconds of caution can save a world of trouble!\"

Go ahead and give Chad a follow on X: @0xBurgers

‍

","https://www.linkedin.com/in/chadhudsoncybersec/",{"_62":411,"_144":79,"_146":79,"_74":412},"Chad Hudson | Huntress","Read blog posts from Chad Hudson on the Huntress Blog.","xTwitterUrl","https://x.com/0xBurgers","chad-hudson",[417,419],{"_328":418},{"_37":126,"_13":330,"_128":325},{"_328":420},{"_37":126,"_13":333,"_128":325},{},1743718476064,"wAnY6pD8qneav3wmIkWFzKSZXNM2","92uj5lh9g0b","sortDate",["D",1757912400000],{"_13":428,"_15":429,"_60":430},"0caa19398eda4c4a9006f4033b75f73e","How an Attacker’s Blunder Gave Us a Rare Look Inside Their Day-to-Day Operations",{"_69":431,"_164":432,"_157":433,"_155":439,"_148":440,"_139":-5,"_425":541},"rare-look-inside-attacker-operation","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F4f81d51c40d244c8b3b5cc5b61561b5b",[434],{"_160":435},{"_37":126,"_13":271,"_128":163,"_43":436},{"_13":271,"_15":272,"_19":19,"_11":349,"_17":285,"_60":437,"_172":357},{"_15":272,"_69":351,"_72":438,"_291":353,"_68":354,"_140":355,"_74":356},{"_62":353,"_74":354},"September 9, 2025",[441,481,514],{"_151":442},{"_37":126,"_13":443,"_128":154,"_43":444},"66048bf7c9e8c5c4746884a7",{"_11":445,"_13":443,"_15":446,"_17":314,"_19":19,"_20":447,"_34":449,"_60":450,"_45":475,"_47":476,"_49":445,"_50":51,"_54":477,"_56":478,"_58":479,"_172":480},1742719352103,"Jamie Levy",{"_25":60,"_22":63,"_26":448},{"_28":29,"_30":31,"_32":33},[],{"_325":451,"_320":459,"_380":460,"_69":461,"_370":371,"_462":463,"_464":465,"_322":-5,"_323":466,"_467":468,"_15":446,"_376":469,"_72":470,"_378":473,"_373":474},[452,454,456],{"_328":453},{"_37":126,"_13":330,"_128":325},{"_328":455},{"_37":126,"_13":333,"_128":325},{"_328":457},{"_37":126,"_13":458,"_128":325},"797c68793452421a98fcd85d40aa6d84","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Ff466d74a8f3b4603b6f5a9662a0612c0","Director, Adversary Tactics","jamie-levy","portraitImage","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fa50ef9a9091b4b1b953f24c04cee8b3a","specialties","initial access","

Director of Adversary Tactics at Huntress.

Jamie is also a researcher, developer and board member of the Volatility Foundation. She has worked over 15 years in the digital forensics industry, conducting investigations as well as building out software solutions. Jamie is also a co-author of The Art of Memory Forensics, the first book of its kind covering various facets of how to investigate RAM artifacts.

‍

","bioDetailShort","Jamie is also a researcher, developer and board member of the Volatility Foundation. She has worked over 15 years in the digital forensics industry, conducting investigations as well as building out software solutions.","https://www.linkedin.com/in/jlevy77/",{"_74":471,"_146":6,"_144":6,"_62":472},"Read blog posts from Jamie Levy on the Huntress Blog.","Jamie Levy | Huntress","Jamie","Levy",{},1754419073247,"0XU3rreLLCPzgsmuIQDqjlW9xhs2","jUlbsxh3TzMKTX6guQoqpyiR6NT2",[],"4z26lkaxblv",{"_151":482},{"_37":126,"_13":483,"_128":154,"_43":484},"7fb779bf8ddf42fda6c8463ccdf60a68",{"_11":485,"_13":483,"_15":486,"_17":314,"_19":19,"_20":487,"_34":489,"_60":490,"_45":508,"_47":509,"_49":510,"_50":51,"_54":511,"_56":57,"_58":512,"_172":513},1744385801818,"Lindsey O'Donnell-Welch",{"_25":60,"_22":63,"_26":488},{"_28":29,"_30":31,"_32":33},[],{"_376":491,"_320":492,"_323":493,"_373":494,"_495":496,"_72":497,"_378":499,"_380":500,"_322":501,"_69":502,"_370":371,"_325":503,"_15":486},"https://www.linkedin.com/in/lindsey-o-donnell-welch-abb72b4a/","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F037877a541484d86ac239373c502608a","

With more than a decade of experience translating complex security topics into compelling stories, Lindsey brings a sharp editorial eye and a passion for clarity to the Huntress team. Her mission? Breaking down the intricate world of cybersecurity to make it accessible for everyone. It’s one of the many reasons she loves being part of Huntress, where educating the public about threats takes center stage.

Before joining Huntress, Lindsey built her reputation in journalism, covering the intersection of technology and businesses. She’s reported for top cybersecurity publications like Threatpost and Decipher, delivering trusted coverage on everything from the SolarWinds supply chain breach to the SEC’s cybersecurity disclosure rules.

Lindsey’s go-to security advice? “Enable MFA and use a password manager—your future self will thank you.”

When she’s not writing about cyber threats, you’ll likely find her on the tennis court or exploring new trails with her endlessly energetic pup.

","O'Donnell-Welch","altText","Huntress Default Headshot Image",{"_62":486,"_74":498},"Read blog posts from Lindsey O'Donnell-Welch on the Huntress Blog.","Lindsey ","Staff Technical Community Engagement Writer","Lindsey O'Donnell-Welch Huntress ","lindsey-odonnell-welch",[504,506],{"_328":505},{"_37":126,"_13":330,"_128":325},{"_328":507},{"_37":126,"_13":458,"_128":325},{},1754428413667,1744404673182,"0dThli925XPdcsMI4MRs7L7KCv22",[],"xjzw2j016lo",{"_151":515},{"_37":126,"_13":516,"_128":154,"_43":517},"6750bc6fe52d66d8c068be13",{"_11":518,"_13":516,"_15":519,"_17":314,"_19":19,"_20":520,"_34":522,"_60":523,"_45":537,"_47":538,"_49":518,"_50":51,"_54":55,"_56":391,"_58":539,"_172":540},1742719341315,"Michael Tigges",{"_26":521,"_25":60,"_22":63},{"_28":29,"_30":31,"_32":33},[],{"_325":524,"_380":406,"_413":529,"_320":530,"_15":519,"_323":531,"_72":532,"_322":-5,"_370":371,"_69":535,"_376":536},[525,527],{"_328":526},{"_37":126,"_13":330,"_128":325},{"_328":528},{"_37":126,"_13":333,"_128":325},"https://x.com/sudo_Rem","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F7dd9df5e1b134c5aad1971e3a7aa0247","

‍Transforming curiosity into cyber defense, one line of code at a time.

Michael Tigges is a Senior Security Operations Analyst at Huntress, where he puts his passion for reverse engineering, threat detection, and partner support into practice. His interest in cybersecurity took off when he began learning Python and dissecting malware lurking in open-source software channels. Today, he holds a B.S. in Cybersecurity from the SANS Technology Institute and a host of certifications, including GPEN, GCFE, GCFA, GCIA, and GCIH.

Before joining Huntress, Michael worked in financial risk analysis for enterprise banking and served eight years of Active Duty in the U.S. Air Force munitions career field, bringing a unique blend of analytical skill, discipline, and operational insight to his role. What he loves most about Huntress is the open atmosphere: “There’s always something interesting going on to learn from,” he says, whether it’s threat intel specialists forming a cohesive threat picture, reverse engineers dissecting malware, or account managers supporting valued partners.

What’s your favorite cybersecurity tip, Michael?

“Never click promotional email links; figure out where they go and navigate yourself. When typing out that domain, you may find it doesn't say what you think it does.”

Outside of work, Michael invests his time in gaming, software engineering, and exploring open-source security projects. He also shares his insights on his personal blog (sudorem.dev) and on X: @sudo_Rem.

‍

",{"_74":533,"_146":6,"_144":6,"_62":534},"Read more blog post from Micheal Tigges on Huntress.com.","Michael Tigges | Huntress","michael-tigges","https://www.linkedin.com/in/michael-tigges/",{},1755095243989,[],"q3ioxo7i9bi",["D",1757394000000],{"_13":543,"_15":544,"_60":545},"496f3b962e004b1bb3493f28c81d6b37","What Is Single Sign-On?",{"_69":546,"_164":547,"_157":548,"_155":555,"_148":556,"_139":-5,"_425":578},"what-is-sso-login","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F7a0ab4a48e994dd19e715bd06c006934",[549],{"_160":550},{"_37":126,"_13":162,"_128":163,"_43":551},{"_13":162,"_15":260,"_19":19,"_11":284,"_17":285,"_60":552,"_172":554},{"_15":260,"_69":287,"_72":553,"_291":289,"_68":290,"_140":292,"_74":293},{"_62":289,"_74":290},"etb9u05utwf","September 8, 2025",[557],{"_151":558},{"_37":126,"_13":559,"_128":154,"_43":560},"673e4076804468f80b5f2555",{"_13":559,"_15":561,"_19":19,"_11":562,"_17":314,"_60":563,"_172":577},"Brenda Buckman",1742719341711,{"_15":561,"_69":564,"_72":565,"_320":568,"_322":-5,"_380":569,"_323":570,"_370":371,"_376":571,"_325":572},"brenda-buckman",{"_62":566,"_74":567,"_146":6,"_144":6},"Brenda Buckman | Huntress","Brenda Buckman is the Senior Director of Digital Web Presence at Huntress, bringing her passion for storytelling and digital innovation to the forefront of our marketing efforts.","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fea04d403555644f48db8e600fef9e64d","Senior Director, Web","

A passionate storyteller shaping Huntress's digital presence.

Brenda Buckman is the Senior Director of Digital Web Presence at Huntress, bringing her passion for storytelling and digital innovation to the forefront of our marketing efforts.

\"I love working at Huntress for so many reasons, but what stands out the most is the company’s unwavering commitment to the cybersecurity community and its customers,\" Brenda shares. \"Huntress isn’t just about providing a product; it’s about truly putting people first—ensuring that every decision we make prioritizes the protection and peace of mind of those we serve.\"

Specializing in marketing and digital presence—especially web—Brenda focuses on making cybersecurity more accessible and engaging through compelling digital experiences. She appreciates the Huntress culture of transparency and candor. \"It's refreshing to work in an environment where open communication is encouraged. This level of honesty fosters trust, helps keep everyone on the same page, and enables more collaboration,\" she says.

Before joining Huntress, Brenda worked in the home services industry, managing digital products for on-demand service offerings. Her experience honed her skills in creating user-focused digital experiences and delivering solutions that resonate with audiences.

Brenda is also an avid storyteller outside of her work at Huntress—she’s currently crafting her first novel and immersing herself in captivating books, mainly in the science fiction and fantasy realm. She loves being creative in all aspects of her life, from trying out new crafts and hobbies to hosting themed parties for her friends. Recently, she's picked up mahjong, finding it a fun new challenge. Brenda also enjoys live music, traveling, and exploring new culinary experiences as a foodie. \"Life's an adventure, and I love it!\" she says. We tend to believe her.

Learn more about Brenda at her LinkedIn profile.

‍

","https://www.linkedin.com/in/brenda-buckman-40821342/",[573,575],{"_328":574},{"_37":126,"_13":330,"_128":325},{"_328":576},{"_37":126,"_13":333,"_128":325},"ffnrbanfdui",["D",1757350800000],{"_13":580,"_15":581,"_60":582},"be1c3d917dbe41cfae7500850bb99f91","What Is Multi-Factor Authentication? A Complete Guide to MFA Security",{"_69":583,"_164":584,"_157":585,"_155":591,"_148":592,"_139":-5,"_425":603},"what-is-multi-factor-authentication","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F06c5c2a0f64945719b264134325345a1",[586],{"_160":587},{"_37":126,"_13":162,"_128":163,"_43":588},{"_13":162,"_15":260,"_19":19,"_11":284,"_17":285,"_60":589,"_172":554},{"_15":260,"_69":287,"_72":590,"_291":289,"_68":290,"_140":292,"_74":293},{"_62":289,"_74":290},"September 5, 2025",[593],{"_151":594},{"_37":126,"_13":559,"_128":154,"_43":595},{"_13":559,"_15":561,"_19":19,"_11":562,"_17":314,"_60":596,"_172":577},{"_15":561,"_69":564,"_72":597,"_320":568,"_322":-5,"_380":569,"_323":570,"_370":371,"_376":571,"_325":598},{"_62":566,"_74":567,"_146":6,"_144":6},[599,601],{"_328":600},{"_37":126,"_13":330,"_128":325},{"_328":602},{"_37":126,"_13":333,"_128":325},["D",1757084400000],{"_13":605,"_15":606,"_60":607},"31b58c34ded24b02acb6efb9d62aba31","Obscura, an Obscure New Ransomware Variant",{"_69":608,"_164":609,"_157":610,"_155":616,"_148":617,"_139":-5,"_425":711},"obscura-ransomware-variant","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F68bf71c51ece47989ed30b079c137b43",[611],{"_160":612},{"_37":126,"_13":271,"_128":163,"_43":613},{"_13":271,"_15":272,"_19":19,"_11":349,"_17":285,"_60":614,"_172":357},{"_15":272,"_69":351,"_72":615,"_291":353,"_68":354,"_140":355,"_74":356},{"_62":353,"_74":354},"September 2, 2025",[618,646,661,681],{"_151":619},{"_37":126,"_13":620,"_128":154,"_43":621},"66032c1a34a761fda5e296f5",{"_11":622,"_13":620,"_15":623,"_17":314,"_19":19,"_20":624,"_34":626,"_60":627,"_45":642,"_47":643,"_49":622,"_50":51,"_54":423,"_56":477,"_58":644,"_172":645},1742719371916,"Harlan Carvey",{"_25":60,"_22":63,"_26":625},{"_28":29,"_30":31,"_32":33},[],{"_72":628,"_322":-5,"_325":631,"_323":636,"_376":637,"_370":371,"_15":623,"_320":638,"_380":639,"_69":640,"_462":641},{"_146":6,"_74":629,"_144":6,"_62":630},"Read blog posts from Harlan Carvey, Senior Threat Intelligence Analyst on the Huntress Blog.","Harlan Carvey - Senior Threat Intelligence Analyst | Huntress",[632,634],{"_328":633},{"_37":126,"_13":330,"_128":325},{"_328":635},{"_37":126,"_13":333,"_128":325},"

Hanging out where digital forensics meets incident response and threat intel.

“I was in grad school in 1994, and came across something interesting. The \"finger\" app was described as a 'security vulnerability'. I had no idea why this was the case, so I asked the senior sysadmin for the curriculum. She looked at me, smiled, and walked away without saying a word.” So began Harlan’s affinity for digging into head-scratching security questions.

Harlan is Staff Threat Intel Analyst, Adversary Tactics here at Huntress, poised at the intersection of digital forensics and incident response, threat hunting, and threat intel.

He leverages his extensive 20+ years of DFIR (Digital Forensics and Incident Response) experience to focus on threat intelligence, which is essentially unraveling how threat actors are looking to gain entry on endpoints and finding ways to detect it sooner in the attack cycle. Prior to Huntress, Harlan ran the internal SOC at EY. \t

But he doesn’t keep it all to himself, Harlan is an accomplished public speaker, writer, innovative researcher, and analyst. As a published author (besides the below blog posts!), Harlan has published 9 books, including the first book of its kind offering an analysis of the Windows Registry.

When he’s not at work, Harlan enjoys programming in Perl, reading, writing, and working around the farm.

‍

What's your favorite cybersecurity tip, Harlan?
“Do the basics well, beginning with an asset inventory and attack surface reduction.”

‍

","https://www.linkedin.com/in/harlan-carvey-86a8694b/","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Ffa69b31eae1e4264b7c12bcfa5e0f9a5","Staff Threat Intelligence Analyst","harlan-carvey","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F110b52ecaef146ec9ea537d88a5ab596",{},1752677471801,[],"33ushcnwi5v",{"_151":647},{"_37":126,"_13":483,"_128":154,"_43":648},{"_11":485,"_13":483,"_15":486,"_17":314,"_19":19,"_20":649,"_34":651,"_60":652,"_45":659,"_47":509,"_49":510,"_50":51,"_54":511,"_56":57,"_58":660,"_172":513},{"_25":60,"_22":63,"_26":650},{"_28":29,"_30":31,"_32":33},[],{"_376":491,"_320":492,"_323":493,"_373":494,"_495":496,"_72":653,"_378":499,"_380":500,"_322":501,"_69":502,"_370":371,"_325":654,"_15":486},{"_62":486,"_74":498},[655,657],{"_328":656},{"_37":126,"_13":330,"_128":325},{"_328":658},{"_37":126,"_13":458,"_128":325},{},[],{"_151":662},{"_37":126,"_13":663,"_128":154,"_43":664},"662a8eb64d55ba142210c843",{"_13":663,"_15":665,"_19":19,"_11":666,"_17":314,"_60":667,"_172":680},"Alden Schmidt",1742719348297,{"_15":665,"_69":668,"_72":669,"_320":672,"_322":-5,"_380":673,"_370":371,"_376":674,"_325":675},"alden-schmidt",{"_62":670,"_74":671,"_146":6,"_144":6},"Alden Schmidt | Huntress","Read blog posts from Alden Schmidt on the Huntress Blog.","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fb864e24300dc465ba8ec3b06d5ee8718","Senior Detection Engineer","https://www.linkedin.com/in/aldenschmidt/",[676,678],{"_328":677},{"_37":126,"_13":330,"_128":325},{"_328":679},{"_37":126,"_13":333,"_128":325},"z49w589rphi",{"_151":682},{"_37":126,"_13":683,"_128":154,"_43":684},"dae057447f3d420e8155f696ef55e2f7",{"_11":685,"_13":683,"_15":686,"_17":314,"_19":19,"_20":687,"_34":689,"_60":690,"_45":706,"_47":707,"_49":708,"_50":51,"_54":392,"_56":392,"_58":709,"_172":710},1756905625674,"Anna Pham ",{"_22":63,"_26":688,"_25":60},{"_28":29,"_30":31,"_32":33},[],{"_320":691,"_69":692,"_15":686,"_373":693,"_322":694,"_380":406,"_370":695,"_72":696,"_378":699,"_325":700,"_323":703,"_376":704,"_413":705},"https://ca.slack-edge.com/T095F397A-U092QEW6D8S-f16503dc82b8-512","anna-pham","Pham ","Anna Pham","Huntress ",{"_62":697,"_74":698},"Anna Pham | Huntress ","Read blog posts from Anna Pham on the Huntress Blog. ","Anna",[701],{"_328":702},{"_37":126,"_13":330,"_128":325},"

Anna is a seasoned cybersecurity professional specializing in malware reverse engineering, threat hunting, and response. With a GIAC Reverse Engineering Malware Certification (GREM) and a career spanning roles at eSentire, Toyota, and Palo Alto, Anna brings a wealth of expertise and relentless drive to protect businesses from cyber threats.

At Huntress, Anna thrives on the proactive approach of hunting down threats before they can harm businesses of all sizes, finding immense satisfaction in making a tangible difference.

Her favorite cybersecurity tip? “Modern attackers don’t hack systems—they hack people. Be your own firewall.”

Outside of work, Anna is a self-proclaimed malware detective, capable of identifying malware families by their file artifacts. When she’s not researching cybercriminals, she’s perfecting her medium-rare steak.

Connect with her on LinkedIn, X, or her blog, TRAC Labs.

","https://www.linkedin.com/in/anna-p-868921105/","https://x.com/RussianPanda9xx",{},1757520275382,1756905768218,[],"6gq40ccepga",["D",1756839600000],{"_13":713,"_15":714,"_60":715},"05a79aee80ac48dd8ca236b53f3aa093","Cloudy with a Chance of Misinformation: Debunking Microsoft 365 & Identity Myths",{"_69":716,"_164":717,"_157":718,"_155":616,"_148":724,"_139":-5,"_425":777},"debunking-microsoft-365-identity-myths","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F54a8782ad64f4e05b54657a7d49b3e70",[719],{"_160":720},{"_37":126,"_13":162,"_128":163,"_43":721},{"_13":162,"_15":260,"_19":19,"_11":284,"_17":285,"_60":722,"_172":554},{"_15":260,"_69":287,"_72":723,"_291":289,"_68":290,"_140":292,"_74":293},{"_62":289,"_74":290},[725,746],{"_151":726},{"_37":126,"_13":727,"_128":154,"_43":728},"66c4a5f5c697227629494db5",{"_13":727,"_15":729,"_19":19,"_11":730,"_17":314,"_60":731,"_172":745},"Erin Meyers",1742719344684,{"_15":729,"_69":732,"_72":733,"_320":736,"_322":-5,"_380":737,"_323":738,"_370":371,"_376":739,"_325":740},"erin-meyers",{"_62":734,"_74":735,"_146":6,"_144":6},"Erin Meyers | Huntress","Read blog posts from Erin Meyers on the Huntress Blog.","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fad7f16e4f0974641bd481e662e010d70","Principal Product Marketing Manager","

Bridging people and technology to deliver impactful cybersecurity solutions.

Erin Meyers is the Principal Product Marketing Manager at Huntress, where her passion for connecting people and technology drives her work in Managed Detection & Response (MDR) and Identity Threat Detection & Response (ITDR).

Before joining Huntress, Erin was a Senior Manager of Product Marketing for MDR and Offensive Security Services at Bitdefender, where she honed her expertise in crafting solutions tailored to evolving security challenges.

Her favorite cybersecurity tip is as straightforward as it gets: “Patch.”

Outside of work, Erin enjoys cooking, photography, yoga, and binge-watching documentaries. But nothing tops spending time with her two adorable Cavalier King Charles Spaniels, who are always by her side. Whether she’s brainstorming marketing strategies or perfecting a recipe, Erin brings the same energy and dedication to everything she does.

Learn more about Erin over at her LinkedIn page.

","https://www.linkedin.com/in/erincmeyers/",[741,743],{"_328":742},{"_37":126,"_13":330,"_128":325},{"_328":744},{"_37":126,"_13":333,"_128":325},"6eduvfbu26",{"_151":747},{"_37":126,"_13":748,"_128":154,"_43":749},"666b3dbc52efca5a09d2771c",{"_34":750,"_58":751,"_11":752,"_13":748,"_15":753,"_17":314,"_19":19,"_20":754,"_60":756,"_45":773,"_47":774,"_49":775,"_50":51,"_54":55,"_56":423,"_172":776},[],[],1742719347616,"Dave Kleinatland",{"_25":60,"_26":755,"_22":63},{"_28":29,"_30":31,"_32":33},{"_376":757,"_373":758,"_378":759,"_322":-5,"_370":371,"_323":760,"_69":761,"_15":753,"_325":762,"_380":767,"_72":768,"_413":771,"_320":772},"https://www.linkedin.com/in/dkleinatland/","Kleinatland","Dave","

From self-taught technologist to cybersecurity advocate for SMBs.

Dave Kleinatland began his journey in IT back in 1996, immersing himself in technology at a time when formal training was scarce. \"I'm almost entirely self-taught,\" Dave shares. \"When I got started in the late '90s, there wasn't really any formal training for 'fixing computers and networks for small businesses.' I also simply couldn't afford 'professional' or 'institutional' training.\"

Throughout his career, cybersecurity was always an important facet of Dave's roles, even if it wasn't his sole focus. In the later stages, he honed in on business continuity and disaster recovery, zeroing in on the aftermath of cyber-related events. \"This piqued my interest in preventing or reducing the effects of these incidents to make recovery times shorter,\" he explains. A class offered by Huntress became the catalyst for his career change into a cybersecurity-focused role at the company.

At Huntress, Dave primarily concentrates on two key areas: addressing the needs of Channel (MSP) Partners and integrating with their businesses and toolsets, and serving as a Subject Matter Expert for Microsoft 365-based technologies they develop. \"What I love about working for Huntress is that it gives me a larger platform to serve the SMB community,\" he says. \"You'd run into your partners at the grocery store or local restaurants and have a good rapport with them. It feels pretty good to help enable our Partners to serve their local communities.\"

Before joining Huntress, Dave was a Technical Director and Engineer at a Managed Service Provider. His diverse background includes roles as an IT director in the general contractor space, managing access control technology in the hospitality industry, integrating enterprise messaging systems in the SMB space (Microsoft Exchange), and serving as an all-around technologist for various SMBs as a consultant.

What's your favorite cybersecurity tip, Dave?

\"Don't skip the basics. A lot of what's out there focuses heavily on the latest threat du jour or the sexy nation-state attacks, but having your basics covered is by far THE single most important thing you can do to shore up your security posture. Most incidents I've worked started with some very basic simple thing that was overlooked or misconfigured.\"

Outside of work, Dave is an avid vintage computer and video game system collector, even performing component-level repairs to bring these systems back to life. He also has an affinity for '80s and '90s Japanese sports cars and enjoys working on them in his shop. Additionally, Dave serves as an emergency communications volunteer as a District Emergency Coordinator (DEC) for the Amateur Radio Emergency Service (ARES) in Louisiana, providing communications assistance for various natural disasters and community events, most notably Hurricane Katrina.

Give Dave a follow on X: @DaveKleinatland

And don’t forget to check out Dave’s LinkedIn.

‍

","dave-kleinatland",[763,765],{"_328":764},{"_37":126,"_13":330,"_128":325},{"_328":766},{"_37":126,"_13":333,"_128":325},"Principal Product Researcher",{"_74":769,"_62":770,"_146":6,"_144":6},"Read blog posts from David Kleinatland on the Huntress Blog.","Dave Kleinatland | Huntress","https://x.com/DaveKleinatland","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F926e28184dc34b59bc6a037d7fc16fcf",{},1743718497030,1742791686793,"enns19yjt3u",["D",1756789200000],{"_13":779,"_15":780,"_60":781},"281b6f4ab4414a86bf2aa1bc640e203d","The ClickFix Attack That Wasn’t: From a Fake AnyDesk Installer to MetaStealer",{"_69":782,"_164":783,"_157":784,"_155":790,"_148":791,"_139":-5,"_425":848},"fake-anydesk-clickfix-metastealer-malware","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F49a2e4eef06848d68458d64690b38aeb",[785],{"_160":786},{"_37":126,"_13":271,"_128":163,"_43":787},{"_13":271,"_15":272,"_19":19,"_11":349,"_17":285,"_60":788,"_172":357},{"_15":272,"_69":351,"_72":789,"_291":353,"_68":354,"_140":355,"_74":356},{"_62":353,"_74":354},"August 29, 2025",[792,823,833],{"_151":793},{"_37":126,"_13":794,"_128":154,"_43":795},"66048bf51de5bd420f2f2608",{"_11":796,"_13":794,"_15":797,"_17":314,"_19":19,"_20":798,"_34":800,"_60":801,"_45":819,"_47":820,"_49":796,"_50":51,"_54":477,"_56":477,"_58":821,"_172":822},1742719359732,"John Hammond",{"_26":799,"_25":60,"_22":63},{"_28":29,"_30":31,"_32":33},[],{"_320":802,"_380":803,"_323":804,"_69":805,"_15":797,"_376":806,"_325":807,"_812":813,"_370":371,"_413":814,"_72":815,"_322":-5,"_462":818},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F0ebcc8e098b842e3b6c5d44ae153b485","Principal Security Researcher","

Capturing flags, thwarting threats, and making cybersecurity accessible one endpoint at a time.

John Hammond, a Principal Security Researcher at Huntress, discovered his passion for cybersecurity as an undergraduate at the US Coast Guard Academy, where competing in a “Cyberstakes” capture the flag event opened his eyes to vulnerabilities, exploits, and hacker tradecraft. At Huntress, he focuses on endpoint security, digging into living-off-the-land techniques and obfuscated scripting payloads.

With a stack of certifications—including LFCS, PCAP, CompTIA Security+, CEH, eJPT, eCPPT, OSCP, OSCE (classic and 3), OSWP, OSEP, OSED, and OSWE—John brings serious technical prowess to the team. He’s honored to have received the RITA Award at Wild West Hacking Fest from Black Hills Information Security, and he credits the supportive, mission-driven environment at Huntress for enabling him to do meaningful work.

John is also an active voice in the community, sharing his experience through these Huntress on-demand webinars:

Before joining Huntress, John served as an instructor and curriculum developer with the Department of Defense Cyber Crime Center and Cyber Training Academy, and later as a Red Team Cyber Operator at the Defense Threat Reduction Agency.

His top cybersecurity tip is a simple one: “Use a password manager—seriously!!”

Outside of work, John loves spending time with his family and taking the rest he needs to stay sharp. He also shares his life with two dogs, Bam Bam and Pebbles—named after the beloved Flintstones characters, of course.

Give John a follow on his socials:

‍

","john-hammond","https://www.linkedin.com/in/johnhammond010/",[808,810],{"_328":809},{"_37":126,"_13":330,"_128":325},{"_328":811},{"_37":126,"_13":333,"_128":325},"instagramUrl","https://www.instagram.com/_johnhammond/","https://twitter.com/_johnhammond",{"_144":6,"_74":816,"_62":817,"_146":6},"Read blog posts from John Hammond on the Huntress Blog.","John Hammond - Principal Security Researcher | Huntress","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F7743d3ad18734d4697f9e4aa467e670b",{},1752677471317,[],"x1fw5sv9qa",{"_151":824},{"_37":126,"_13":663,"_128":154,"_43":825},{"_13":663,"_15":665,"_19":19,"_11":666,"_17":314,"_60":826,"_172":680},{"_15":665,"_69":668,"_72":827,"_320":672,"_322":-5,"_380":673,"_370":371,"_376":674,"_325":828},{"_62":670,"_74":671,"_146":6,"_144":6},[829,831],{"_328":830},{"_37":126,"_13":330,"_128":325},{"_328":832},{"_37":126,"_13":333,"_128":325},{"_151":834},{"_37":126,"_13":483,"_128":154,"_43":835},{"_11":485,"_13":483,"_15":486,"_17":314,"_19":19,"_20":836,"_34":838,"_60":839,"_45":846,"_47":509,"_49":510,"_50":51,"_54":511,"_56":57,"_58":847,"_172":513},{"_25":60,"_22":63,"_26":837},{"_28":29,"_30":31,"_32":33},[],{"_376":491,"_320":492,"_323":493,"_373":494,"_495":496,"_72":840,"_378":499,"_380":500,"_322":501,"_69":502,"_370":371,"_325":841,"_15":486},{"_62":486,"_74":498},[842,844],{"_328":843},{"_37":126,"_13":330,"_128":325},{"_328":845},{"_37":126,"_13":458,"_128":325},{},[],["D",1756443600000],{"_13":850,"_15":851,"_60":852},"51d7d54aabfc49328e3aae3a6355d026","Journey to the Center of the Dark Web: A Tradecraft Tuesday Recap",{"_69":853,"_164":854,"_157":855,"_155":861,"_148":862,"_139":-5,"_425":878},"journey-to-center-of-dark-web-tradecraft-tuesday-recap","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F01956cbac4e54c6583786988f22f6b02",[856],{"_160":857},{"_37":126,"_13":162,"_128":163,"_43":858},{"_13":162,"_15":260,"_19":19,"_11":284,"_17":285,"_60":859,"_172":554},{"_15":260,"_69":287,"_72":860,"_291":289,"_68":290,"_140":292,"_74":293},{"_62":289,"_74":290},"August 27, 2025",[863],{"_151":864},{"_37":126,"_13":483,"_128":154,"_43":865},{"_11":485,"_13":483,"_15":486,"_17":314,"_19":19,"_20":866,"_34":868,"_60":869,"_45":876,"_47":509,"_49":510,"_50":51,"_54":511,"_56":57,"_58":877,"_172":513},{"_25":60,"_22":63,"_26":867},{"_28":29,"_30":31,"_32":33},[],{"_376":491,"_320":492,"_323":493,"_373":494,"_495":496,"_72":870,"_378":499,"_380":500,"_322":501,"_69":502,"_370":371,"_325":871,"_15":486},{"_62":486,"_74":498},[872,874],{"_328":873},{"_37":126,"_13":330,"_128":325},{"_328":875},{"_37":126,"_13":458,"_128":325},{},[],["D",1756270800000],{"_13":880,"_15":881,"_60":882},"fa2399514146484893836470e5438e57","Should MSPs Turn Off Google Gemini?",{"_69":883,"_164":884,"_157":885,"_155":891,"_148":892,"_139":-5,"_425":922},"google-gemini-phishing-risks","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fc408dad738614ca2a24754c9dbdec495",[886],{"_160":887},{"_37":126,"_13":162,"_128":163,"_43":888},{"_13":162,"_15":260,"_19":19,"_11":284,"_17":285,"_60":889,"_172":554},{"_15":260,"_69":287,"_72":890,"_291":289,"_68":290,"_140":292,"_74":293},{"_62":289,"_74":290},"August 26, 2025",[893],{"_151":894},{"_37":126,"_13":895,"_128":154,"_43":896},"7eadf16770164b6e8f7d3b13cc7c8c55",{"_11":897,"_13":895,"_15":898,"_17":314,"_19":19,"_20":899,"_34":901,"_60":902,"_45":917,"_47":918,"_49":919,"_50":51,"_54":392,"_56":392,"_58":920,"_172":921},1747774576925,"Lizzie Danielson",{"_22":63,"_25":60,"_26":900},{"_28":29,"_30":31,"_32":33},[],{"_378":903,"_15":898,"_373":904,"_376":905,"_380":906,"_325":907,"_322":910,"_69":911,"_370":371,"_72":912,"_320":915,"_323":916},"Lizzie","Danielson","https://www.linkedin.com/in/lizzie-danielson/","SEO Manager, Content",[908],{"_328":909},{"_37":126,"_13":330,"_128":325},"Lizzie Danielson Huntress ","lizzie-danielson",{"_74":913,"_62":914},"Read blog posts from Lizzie Danielson on the Huntress Blog. ","Lizzie Danielson | Huntress ","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fd18d166790984250b1b7e693c58662df","

Lizzie Danielson brings a sharp eye for strategy and a deep love for storytelling to her role at Huntress. She first discovered her passion for cybersecurity while working at a digital marketing agency that specialized in supporting MSPs and MSSPs. What started as a curiosity quickly became a calling, leading her to dive deeper into the industry, eventually landing at a leading MSSP, before returning to her roots in marketing.

At Huntress, Lizzie blends technical insight with creative execution to help make cybersecurity knowledge accessible for businesses of all sizes. She’s driven by the company’s mission to protect all businesses in an increasingly hostile cyber landscape—and energized by the brilliant minds she gets to collaborate with every day.

When she’s not crafting content, Lizzie enjoys bird watching, thrifting, baking sourdough, and exploring Florida with her fiancé and three beloved “barketing assistants.”

",{},1752685085567,1747775018230,[],"wdlpy1blvij",["D",1756220400000],{"_13":924,"_15":925,"_60":926},"65f3299e49a461b4b9c72db7","What Is Threat Hunting?",{"_69":927,"_164":928,"_157":929,"_155":935,"_139":936,"_148":937,"_142":6,"_425":958},"what-is-threat-hunting","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Ff51f984c62e549cbbe9b13889546d83d",[930],{"_160":931},{"_37":126,"_13":162,"_128":163,"_43":932},{"_13":162,"_15":260,"_19":19,"_11":284,"_17":285,"_60":933,"_172":294},{"_15":260,"_69":287,"_72":934,"_291":289,"_68":290,"_140":292,"_74":293},{"_62":289,"_74":290},"October 14, 2022","August 25, 2025",[938],{"_151":939},{"_37":126,"_13":940,"_128":154,"_43":941},"66048bf3ba26329f8f02b90d",{"_13":940,"_15":942,"_19":19,"_11":943,"_17":314,"_60":944,"_172":957},"Anthony Smith",1742719369327,{"_15":942,"_69":945,"_72":946,"_320":949,"_322":-5,"_323":950,"_376":951,"_325":952},"anthony-smith",{"_62":947,"_74":948,"_146":6,"_144":6},"Anthony Smith | Huntress","Read blog posts from Anthony Smith on the Huntress Blog.","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F350148e3dadb4ff8b1c465995ce75bcd","

Researcher. Detection Engineering. Veteran. Bad Guy Finder.

Former Threat Hunter at Huntress.

‍

","https://www.linkedin.com/in/anthony-c-smith/",[953,955],{"_328":954},{"_37":126,"_13":330,"_128":325},{"_328":956},{"_37":126,"_13":333,"_128":325},"4s49c62j44p",["D",1756141200000],{"_13":960,"_15":961,"_60":962},"f1a69e61f5714facab7f62d57c911688","A Look Back at the Most Influential Cyber Threats: A Decade, Defined ",{"_69":963,"_164":964,"_157":965,"_155":936,"_148":971,"_139":-5,"_425":983},"huntress-top-ten-decade-in-cybersecurity","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fe449577efdaa4c98be50f2b5d820645f",[966],{"_160":967},{"_37":126,"_13":162,"_128":163,"_43":968},{"_13":162,"_15":260,"_19":19,"_11":284,"_17":285,"_60":969,"_172":554},{"_15":260,"_69":287,"_72":970,"_291":289,"_68":290,"_140":292,"_74":293},{"_62":289,"_74":290},[972],{"_151":973},{"_37":126,"_13":153,"_128":154,"_43":974},{"_13":153,"_15":312,"_19":19,"_11":313,"_17":314,"_60":975,"_172":982},{"_15":312,"_69":316,"_72":976,"_320":321,"_322":-5,"_323":324,"_325":977},{"_62":318,"_74":319,"_146":6,"_144":6},[978,980],{"_328":979},{"_37":126,"_13":330,"_128":325},{"_328":981},{"_37":126,"_13":333,"_128":325},"iymkp5z8fg",["D",1756098000000],{"_13":985,"_15":986,"_60":987},"ee57218de0e8436fbe97d6eeaef158a1","Cephalus Ransomware: Don’t Lose Your Head",{"_69":988,"_164":989,"_157":990,"_155":996,"_148":997,"_139":-5,"_425":1028},"cephalus-ransomware","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F98e607252c0341b6a13cd6ee1ac16af9",[991],{"_160":992},{"_37":126,"_13":271,"_128":163,"_43":993},{"_13":271,"_15":272,"_19":19,"_11":349,"_17":285,"_60":994,"_172":357},{"_15":272,"_69":351,"_72":995,"_291":353,"_68":354,"_140":355,"_74":356},{"_62":353,"_74":354},"August 21, 2025",[998,1013],{"_151":999},{"_37":126,"_13":620,"_128":154,"_43":1000},{"_11":622,"_13":620,"_15":623,"_17":314,"_19":19,"_20":1001,"_34":1003,"_60":1004,"_45":1011,"_47":643,"_49":622,"_50":51,"_54":423,"_56":477,"_58":1012,"_172":645},{"_25":60,"_22":63,"_26":1002},{"_28":29,"_30":31,"_32":33},[],{"_72":1005,"_322":-5,"_325":1006,"_323":636,"_376":637,"_370":371,"_15":623,"_320":638,"_380":639,"_69":640,"_462":641},{"_146":6,"_74":629,"_144":6,"_62":630},[1007,1009],{"_328":1008},{"_37":126,"_13":330,"_128":325},{"_328":1010},{"_37":126,"_13":333,"_128":325},{},[],{"_151":1014},{"_37":126,"_13":483,"_128":154,"_43":1015},{"_11":485,"_13":483,"_15":486,"_17":314,"_19":19,"_20":1016,"_34":1018,"_60":1019,"_45":1026,"_47":509,"_49":510,"_50":51,"_54":511,"_56":57,"_58":1027,"_172":513},{"_25":60,"_22":63,"_26":1017},{"_28":29,"_30":31,"_32":33},[],{"_376":491,"_320":492,"_323":493,"_373":494,"_495":496,"_72":1020,"_378":499,"_380":500,"_322":501,"_69":502,"_370":371,"_325":1021,"_15":486},{"_62":486,"_74":498},[1022,1024],{"_328":1023},{"_37":126,"_13":330,"_128":325},{"_328":1025},{"_37":126,"_13":458,"_128":325},{},[],["D",1755810000000],{"_13":1030,"_15":1031,"_60":1032},"6c69460ed3e64413a34625e1fbf87c8b","Exposing Data Exfil: LOLBins, TTPs, and Binaries…Oh, My!",{"_69":1033,"_164":1034,"_157":1035,"_155":1041,"_148":1042,"_139":-5,"_425":1073},"exposing-data-exfiltration-lolbin-ttp-binaries","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fe177077968b84f71a887ed2884bae0df",[1036],{"_160":1037},{"_37":126,"_13":271,"_128":163,"_43":1038},{"_13":271,"_15":272,"_19":19,"_11":349,"_17":285,"_60":1039,"_172":357},{"_15":272,"_69":351,"_72":1040,"_291":353,"_68":354,"_140":355,"_74":356},{"_62":353,"_74":354},"August 19, 2025",[1043,1058],{"_151":1044},{"_37":126,"_13":620,"_128":154,"_43":1045},{"_11":622,"_13":620,"_15":623,"_17":314,"_19":19,"_20":1046,"_34":1048,"_60":1049,"_45":1056,"_47":643,"_49":622,"_50":51,"_54":423,"_56":477,"_58":1057,"_172":645},{"_25":60,"_22":63,"_26":1047},{"_28":29,"_30":31,"_32":33},[],{"_72":1050,"_322":-5,"_325":1051,"_323":636,"_376":637,"_370":371,"_15":623,"_320":638,"_380":639,"_69":640,"_462":641},{"_146":6,"_74":629,"_144":6,"_62":630},[1052,1054],{"_328":1053},{"_37":126,"_13":330,"_128":325},{"_328":1055},{"_37":126,"_13":333,"_128":325},{},[],{"_151":1059},{"_37":126,"_13":483,"_128":154,"_43":1060},{"_11":485,"_13":483,"_15":486,"_17":314,"_19":19,"_20":1061,"_34":1063,"_60":1064,"_45":1071,"_47":509,"_49":510,"_50":51,"_54":511,"_56":57,"_58":1072,"_172":513},{"_25":60,"_22":63,"_26":1062},{"_28":29,"_30":31,"_32":33},[],{"_376":491,"_320":492,"_323":493,"_373":494,"_495":496,"_72":1065,"_378":499,"_380":500,"_322":501,"_69":502,"_370":371,"_325":1066,"_15":486},{"_62":486,"_74":498},[1067,1069],{"_328":1068},{"_37":126,"_13":330,"_128":325},{"_328":1070},{"_37":126,"_13":458,"_128":325},{},[],["D",1755612000000],{"_13":1075,"_15":1076,"_60":1077},"e9f9e5b5b8004f6aa577ef093dcd1ec7","90 Business-Critical Data Breach Statistics for 2025",{"_69":1078,"_164":1079,"_157":1080,"_155":1087,"_148":1088,"_139":-5,"_425":1099},"data-breach-statistics","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fadd5424f71f34a19b79c1bd31c19ed05",[1081],{"_160":1082},{"_37":126,"_13":262,"_128":163,"_43":1083},{"_13":262,"_15":263,"_19":19,"_11":298,"_17":285,"_60":1084,"_172":1086},{"_15":263,"_69":300,"_72":1085,"_291":302,"_68":303,"_140":304,"_74":305},{"_62":302,"_74":303},"j0jzl01voeo","August 15, 2025",[1089],{"_151":1090},{"_37":126,"_13":559,"_128":154,"_43":1091},{"_13":559,"_15":561,"_19":19,"_11":562,"_17":314,"_60":1092,"_172":577},{"_15":561,"_69":564,"_72":1093,"_320":568,"_322":-5,"_380":569,"_323":570,"_370":371,"_376":571,"_325":1094},{"_62":566,"_74":567,"_146":6,"_144":6},[1095,1097],{"_328":1096},{"_37":126,"_13":330,"_128":325},{"_328":1098},{"_37":126,"_13":333,"_128":325},["D",1755273600000],{"_13":1101,"_15":1102,"_60":1103},"87f9e56ee51c40cca018c2908f1f0f8b"," Kawabunga, Dude, You’ve Been Ransomed!",{"_69":1104,"_164":1105,"_157":1106,"_155":1112,"_148":1113,"_139":-5,"_425":1144},"kawalocker-ransomware-deployed","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F84f6d1ab03e34ee6b3c749d3e21fe9f6",[1107],{"_160":1108},{"_37":126,"_13":271,"_128":163,"_43":1109},{"_13":271,"_15":272,"_19":19,"_11":349,"_17":285,"_60":1110,"_172":357},{"_15":272,"_69":351,"_72":1111,"_291":353,"_68":354,"_140":355,"_74":356},{"_62":353,"_74":354},"August 14, 2025",[1114,1129],{"_151":1115},{"_37":126,"_13":620,"_128":154,"_43":1116},{"_11":622,"_13":620,"_15":623,"_17":314,"_19":19,"_20":1117,"_34":1119,"_60":1120,"_45":1127,"_47":643,"_49":622,"_50":51,"_54":423,"_56":477,"_58":1128,"_172":645},{"_25":60,"_22":63,"_26":1118},{"_28":29,"_30":31,"_32":33},[],{"_72":1121,"_322":-5,"_325":1122,"_323":636,"_376":637,"_370":371,"_15":623,"_320":638,"_380":639,"_69":640,"_462":641},{"_146":6,"_74":629,"_144":6,"_62":630},[1123,1125],{"_328":1124},{"_37":126,"_13":330,"_128":325},{"_328":1126},{"_37":126,"_13":333,"_128":325},{},[],{"_151":1130},{"_37":126,"_13":483,"_128":154,"_43":1131},{"_11":485,"_13":483,"_15":486,"_17":314,"_19":19,"_20":1132,"_34":1134,"_60":1135,"_45":1142,"_47":509,"_49":510,"_50":51,"_54":511,"_56":57,"_58":1143,"_172":513},{"_25":60,"_22":63,"_26":1133},{"_28":29,"_30":31,"_32":33},[],{"_376":491,"_320":492,"_323":493,"_373":494,"_495":496,"_72":1136,"_378":499,"_380":500,"_322":501,"_69":502,"_370":371,"_325":1137,"_15":486},{"_62":486,"_74":498},[1138,1140],{"_328":1139},{"_37":126,"_13":330,"_128":325},{"_328":1141},{"_37":126,"_13":458,"_128":325},{},[],["D",1755147600000],"totalPages",33,"pageNumber","event","loader","common",{"_1152":1153,"_1683":1684,"_1746":1747},"headerContent",[1154,1238,1351,1422,1500,1517],{"_58":1155,"_45":1156,"_56":55,"_60":1157,"_47":1229,"_15":1163,"_11":1230,"_19":19,"_54":55,"_49":1231,"_20":1232,"_50":51,"_17":1234,"_34":1235,"_13":1236,"_172":1237},[],{},{"_1158":1159,"_1160":1161,"_1162":1163,"_1164":1165},"type","Menu","linkProperties",{},"menuText","Platform","columns",[1166,1200],{"_1167":1168,"_1172":105,"_1158":1173,"_1174":79,"_62":1175,"_1176":1177},"footerLink",{"_77":1169,"_1170":1171},"/platform","text","Platform Overview","columnSpan","Link List","showTitle","Huntress Managed Security Platform","links",[1178,1185,1190,1195],{"_77":1179,"_1158":1180,"_1181":1182,"_121":1183,"_62":1184},"/platform/managed-edr","Text Link","icon","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Feb16a0fc49194ef3a61c385bd0d0f312","

Get full endpoint visibility, detection, and response.

","Managed EDR",{"_121":1186,"_1181":1187,"_1158":1180,"_62":1188,"_77":1189},"

Empower your teams with science-backed security awareness training.

","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fcd0acdb221c84200a837d97a6bac46a7","Managed Security Awareness Training","/platform/security-awareness-training",{"_1158":1180,"_121":1191,"_1181":1192,"_77":1193,"_62":1194},"

Protect your Microsoft 365 identities and email environments.

","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Ffd3a938d7dfc41bdac34c3f46a36afb2","/platform/managed-itdr","Managed ITDR",{"_62":1196,"_1181":1197,"_77":1198,"_121":1199,"_1158":1180},"Managed SIEM","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F5638ee75bf42433c81332c153db5cb15","/platform/siem","

Managed threat response and robust compliance support at a predictable price.

",{"_1174":6,"_1158":1201,"_1172":51,"_142":79,"_1167":1202,"_62":1203,"_1204":1205},"Card",{},"Learn More Card","cardContentReference",{"_37":126,"_13":1206,"_128":1207,"_43":1208},"be5723c7f6674c6db1ebfc79503cb723","custom-cards",{"_11":1209,"_60":1210,"_34":1220,"_15":1212,"_50":51,"_45":1221,"_47":1222,"_54":55,"_58":1223,"_17":1224,"_49":1225,"_56":55,"_13":1206,"_19":19,"_20":1226,"_172":1228},1738695869997,{"_121":1211,"_15":1212,"_1213":1214,"_1215":1216,"_1217":1216,"_1218":1214,"_164":1219},"Try Huntress for free and deploy in minutes to start fighting threats.","Learn More","linkUrl","/demo","linkLabelText","Request a Demo","ctaText","ctaUrl","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F4dcf43805cea496b92a4b04334297b54",[],{},1749580539246,[],"6debca3e2db24468b466376fc09f0c11",1738695944669,{"_26":1227,"_22":63,"_25":60},{"_28":29,"_30":31,"_32":33},"oc4okwfx0tq",1749740747998,1749525643074,1749565841689,{"_25":60,"_26":1233,"_22":63},{"_30":31,"_28":29,"_32":33},"a8d3d337534a4f77aa8de03d557b7d7c",[],"1644f670abc3422fb4ae58c911ab52e0","i7eo6pzx07c",{"_11":1239,"_13":1240,"_15":1241,"_17":1234,"_19":19,"_20":1242,"_34":1244,"_60":1245,"_45":1347,"_47":1348,"_49":1349,"_50":51,"_54":55,"_56":57,"_58":1350,"_172":1237},1749530546748,"5233b983391e46bea1a73aa4e64e3e1f","Solutions",{"_26":1243,"_22":63,"_25":60},{"_28":29,"_30":31,"_32":33},[],{"_1160":1246,"_1164":1247,"_1162":1241,"_1158":1159},{},[1248,1264,1288],{"_1174":79,"_1167":1249,"_1158":1173,"_1176":1250,"_1172":51,"_62":1263},{},[1251,1255,1259],{"_1158":1180,"_77":1252,"_1181":1253,"_62":1254},"/solutions/topics/phishing","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fd8af97b52a364281ae4ae771eac29f60","Phishing",{"_1158":1180,"_77":1256,"_1181":1257,"_62":1258},"/solutions/topics/cybersecurity-compliance","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F5437345f68ab4fecb25e1bf64d596f05","Compliance",{"_1181":1260,"_1158":1180,"_77":1261,"_62":1262},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fe0006e0247a84d538abfdb56270b1971","/solutions/topics/business-email-compromise","Business Email Compromise","Solutions by Topic",{"_1176":1265,"_1174":79,"_62":1286,"_1158":1173,"_1172":51,"_1167":1287},[1266,1270,1274,1278,1282],{"_1181":1267,"_1158":1180,"_77":1268,"_62":1269},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F4951efeb175d46a28d43a56e44f1aaa6","/industries/education","Education",{"_62":1271,"_77":1272,"_1181":1273,"_1158":1180},"Finance","/industries/financial-services","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F2c6e56c396984defa968946c3305fd5d",{"_77":1275,"_62":1276,"_1181":1277,"_1158":1180},"/industries/healthcare","Healthcare","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fad40fb4e0e8f4fc3a283928e18d2cb07",{"_1181":1279,"_77":1280,"_62":1281,"_1158":1180},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fa1a16399f6f94c3da8e42ddbe735c1c1","/industries/manufacturing","Manufacturing",{"_77":1283,"_1158":1180,"_62":1284,"_1181":1285},"/industries/state-and-local-government","State & Local Government","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fdafe6a53f78a407c80691541d7e292b9","Solutions by Industry",{},{"_1172":51,"_62":1289,"_142":79,"_1158":1201,"_1290":1291,"_1174":79,"_1167":1293,"_1204":1295},"Featured Resource","cardContentOverride",{"_121":1292},"

Packed with the information, tools, and guidance you need to keep your organization running smoothly and, most importantly, your patients safe.

",{"_1170":1294,"_77":63},"Get the Kit",{"_37":126,"_13":1296,"_128":1297,"_43":1298},"66c49e7c03769aca3efd1adf","resources",{"_13":1296,"_15":1299,"_19":19,"_11":1300,"_17":1301,"_60":1302,"_172":1346},"Healthcare Cybersecurity Success Kit",1742716627143,"5c10263d01de417681f67c6df9d9a9d4",{"_15":1299,"_69":1303,"_155":1304,"_139":1305,"_72":1306,"_140":1309,"_142":6,"_1310":79,"_164":1311,"_1312":1313,"_1314":1313,"_1315":1316,"_1334":1335,"_1218":1344,"_1217":1345},"healthcare-cybersecurity-success-kit","2024-08-21T00:00:00.000Z","2024-08-22T14:36:33.220Z",{"_62":1307,"_74":1308,"_146":6,"_144":6},"Healthcare Cybersecurity Success Kit | Huntress","This Healthcare Cybersecurity Success Kit is packed with the information, tools, and guidance you need to keep your organization running smoothly and, most importantly, your patients safe.","https://www.huntress.com/resources/healthcare-cybersecurity-success-kit","gated","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F25165b11288e4ab8ab0dc72832f4eb5e","preGateContent","

Hackers are hitting healthcare hard. From large hospital networks to small rural clinics, nothing’s off-limits anymore.

But you don't have to take it. This Healthcare Cybersecurity Success Kit is packed with the information, tools, and guidance you need to keep your organization running smoothly and, most importantly, your patients safe.

","postGateContent","tags",[1317,1326],{"_1318":1319},"tag",{"_37":126,"_13":1320,"_128":1315,"_43":1321},"6619a1966fc1cc2a81065887",{"_13":1320,"_15":1276,"_19":19,"_11":1322,"_17":1323,"_60":1324,"_172":1325},1741825542581,"06a1fff4f2d64eed986229acc010c74f",{"_15":1276},"vd8gc7kgfjq",{"_1318":1327},{"_37":126,"_13":1328,"_128":1315,"_43":1329},"65f3299e49a461b4b9c72e83",{"_13":1328,"_15":1330,"_19":19,"_11":1331,"_17":1323,"_60":1332,"_172":1333},"Mastering Cybersecurity",1741825551705,{"_15":1330},"z5l2jxgutp","assetType",{"_37":126,"_13":1336,"_128":1337,"_43":1338},"65f3299e49a461b4b9c72e40","asset-types",{"_13":1336,"_15":1339,"_19":19,"_11":1340,"_17":1341,"_60":1342,"_172":1343},"Success Kit",1741790296798,"50c69b616da14a22b2d7092dd07fd641",{"_15":1339},"71pqm3meyx4","https://www.huntress.com/industries/healthcare/healthcare-resource-kit","Get the Healthcare Cybersecurity Success Kit","yevj80s6q4b",{},1753628029636,1749565841905,[],{"_11":1352,"_13":1353,"_15":1354,"_17":1234,"_19":19,"_20":1355,"_34":1357,"_60":1358,"_45":1418,"_47":1419,"_49":1420,"_50":51,"_54":55,"_56":423,"_58":1421,"_172":1237},1749560149759,"94db9c6a65e047acb4ac7d4d2ea0da30","Why Huntress",{"_26":1356,"_22":63,"_25":60},{"_28":29,"_30":31,"_32":33},[],{"_1164":1359,"_1162":1354,"_1160":1417,"_1158":1159},[1360,1377,1390],{"_1167":1361,"_1158":1173,"_1176":1362,"_62":1376,"_1174":79,"_1172":51},{},[1363,1367,1372],{"_62":1364,"_1181":1365,"_77":1366,"_1158":1180},"Managed Service Providers","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F11f54e8f5fb54aadbf4c71effaab65a5","/why-huntress/managed-service-providers",{"_495":1368,"_77":1369,"_62":1370,"_1181":1371,"_1158":1180},"Platform Icon","/why-huntress/value-added-resellers","Value Added Resellers","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Ff0209e5a35e34a25a31075aca24dec96",{"_77":1373,"_1181":1374,"_1158":1180,"_62":1375},"/why-huntress/it-security-teams","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Ff257bebdca1c45cab6259f8436ca7221","IT & Security Teams","Who We Serve",{"_1174":79,"_1172":51,"_1158":1173,"_62":1378,"_1167":1379,"_1176":1380},"The Huntress Difference",{},[1381,1386],{"_77":1382,"_495":1383,"_1181":1384,"_62":1385,"_1158":1180},"/why-huntress/24-7-soc","Issue Detected - Alert Icon","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F4cc0a301d59343f08fa3fd23661a7726","Huntress SOC",{"_77":1387,"_1181":1388,"_62":1389,"_1158":1180},"/success-stories","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fff7b259c7c5c408f9747e8a28989015b","Case Studies",{"_62":1391,"_1158":1173,"_1167":1392,"_1174":79,"_1176":1395,"_142":79,"_1172":51},"Compare Huntress",{"_77":1393,"_1170":1394},"/comparison","Compare All",[1396,1399,1402,1405,1408,1411,1414],{"_77":1397,"_62":1398,"_1158":1180},"/comparison/huntress-vs-bitdefender","Bitdefender",{"_77":1400,"_1158":1180,"_62":1401},"/comparison/huntress-vs-blackpoint","Blackpoint",{"_1158":1180,"_77":1403,"_62":1404},"/comparison/huntress-vs-crowdstrike","CrowdStrike",{"_1158":1180,"_62":1406,"_77":1407},"Datto","/comparison/huntress-vs-datto",{"_1158":1180,"_62":1409,"_77":1410},"SentinelOne","/comparison/huntress-vs-sentinelone",{"_62":1412,"_77":1413,"_1158":1180},"Sophos","/comparison/huntress-vs-sophos",{"_1158":1180,"_77":1415,"_62":1416},"/comparison/huntress-vs-webroot","Webroot",{},{},1754067690665,1749565841954,[],{"_54":55,"_60":1423,"_13":1491,"_47":1492,"_49":1493,"_20":1494,"_56":55,"_15":1424,"_45":1496,"_17":1234,"_58":1497,"_19":19,"_34":1498,"_50":51,"_11":1499,"_172":1237},{"_1158":1159,"_1162":1424,"_1160":1425,"_1164":1426},"Resources",{},[1427,1451,1473],{"_1174":79,"_62":1428,"_1172":51,"_1176":1429,"_1167":1448,"_1158":1173},"Resource Center",[1430,1433,1436,1439,1442,1445],{"_1158":1180,"_77":1431,"_62":1432},"/resources?assetTypes=Datasheet","Datasheets",{"_62":1434,"_77":1435,"_1158":1180},"Ebooks","/resources?assetTypes=eBook",{"_62":1437,"_1158":1180,"_77":1438},"Reports","/resources?assetTypes=Report",{"_77":1440,"_1158":1180,"_62":1441},"/resources?assetTypes=On-Demand+Webinar","On-Demand Webinars",{"_77":1443,"_62":1444,"_1158":1180},"/resources?assetTypes=Whitepaper","Whitepapers",{"_77":1446,"_62":1447,"_1158":1180},"/resources?assetTypes=Video","Videos",{"_1170":1449,"_77":1450},"View All Resources","/resources",{"_1176":1452,"_1167":1471,"_1172":51,"_1174":6,"_62":1472,"_1158":1173},[1453,1455,1459,1463,1467],{"_1181":1454,"_1158":1180,"_62":16,"_77":44},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F7f4ca3bd558f425da4f12b81befbb279",{"_77":1456,"_1158":1180,"_1181":1457,"_62":1458},"/upcoming-events","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F6aa1f0e921a844ed9975b8c477720a6c","Upcoming Events",{"_62":1460,"_77":1461,"_1158":1180,"_1181":1462},"Support Documentation","https://support.huntress.io/hc/en-us","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fac02933fbb964cdf9e6c8b3b2280fa5d",{"_62":1464,"_1158":1180,"_1181":1465,"_77":1466},"Integrations","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F75378b21898340b6b863c3b68ae0a980","/integrations",{"_62":1468,"_77":1469,"_1181":1470,"_1158":1180},"Huntress Hub","https://hub.huntress.com/#/page/login","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fabe11db97e084bfeb9d370076781caea",{},"Other Resources",{"_62":1474,"_142":79,"_1158":1173,"_1176":1475,"_1174":79,"_1167":1490,"_1172":51},"Produced by Huntress",[1476,1481,1486],{"_204":1477,"_77":1478,"_1158":1479,"_62":1480},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fea18a565ed0e4bdda1f6881a955de34c","/tradecraft-tuesday","Image Link","Tradecraft Tuesday",{"_62":1482,"_1158":1479,"_77":1483,"_495":1484,"_204":1485},"Fireside Chat","/firesidechat","Fireside Chat Community Series","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F98c34785dc62414381fe4d25b1d355a9",{"_204":1487,"_62":1488,"_1158":1479,"_77":1489},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F5f3ffde6942c41b6885da8bc727a4cc5","Product Lab Channel","/product-lab-channel",{},"e21c3f198af24be5b52f72480500ff2d",1749676549589,1749565842009,{"_22":63,"_26":1495,"_25":60},{"_28":29,"_30":31,"_32":33},{},[],[],1749560786283,{"_11":1501,"_13":1502,"_15":1503,"_17":1234,"_19":19,"_20":1504,"_34":1506,"_60":1507,"_45":1513,"_47":1514,"_49":1515,"_50":51,"_54":55,"_56":55,"_58":1516,"_172":1237},1749561737294,"84190317c5f14f32ae91ba95a125371a","Pricing",{"_22":63,"_25":60,"_26":1505},{"_28":29,"_30":31,"_32":33},[],{"_1160":1508,"_1158":1512,"_1162":1503,"_1213":1509},{"_77":1509,"_1170":1503,"_1510":1511},"/pricing","target","_self","Link",{},1749579606414,1749565842037,[],{"_11":1518,"_13":1519,"_15":1520,"_17":1234,"_19":19,"_20":1521,"_34":1523,"_60":1524,"_45":1679,"_47":1680,"_49":1681,"_50":51,"_54":55,"_56":57,"_58":1682,"_172":1237},1749561775412,"2dc5eb1bcc024fcca43b7644cd21d4a1","About",{"_22":63,"_25":60,"_26":1522},{"_28":29,"_30":31,"_32":33},[],{"_1160":1525,"_1162":1520,"_1164":1526,"_1158":1159},{},[1527,1549,1564],{"_1172":51,"_1167":1528,"_1176":1529,"_1158":1173,"_62":1548,"_1174":79},{},[1530,1534,1539,1543],{"_1158":1180,"_62":1531,"_1181":1532,"_77":1533},"Our Story","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F38494b4ddb7a45a78ca20d43a03176bf","/company/our-company",{"_1158":1180,"_1181":1535,"_495":1536,"_62":1537,"_77":1538},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F33845c53ebd4472b9806d7a76b742616","Leadership Icon","Leadership","/company/leadership",{"_1181":1540,"_1158":1180,"_62":1541,"_77":1542},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F3a5e883de76c4f5686d64a1dc0dbe7b6","Latest News","/company/press",{"_62":1544,"_77":1545,"_1181":1546,"_1158":1180,"_495":1547},"Awards","/awards-and-accolades","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F107b70abda5841439fca3a13a02929cf","Awards Icon","About Huntress",{"_1176":1550,"_62":1554,"_1172":51,"_1158":1173,"_1167":1563},[1551,1556,1558],{"_1158":1180,"_77":1552,"_495":1553,"_62":1554,"_1181":1555},"/company/careers","Verify Icon","Careers","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F80b5a5a31d2245e49c4038e433792c22",{"_77":1456,"_1158":1180,"_62":1458,"_1181":1557},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F1490131472ce4b94a57df268649354a0",{"_77":1559,"_1181":1560,"_62":1561,"_1158":1180,"_495":1562},"/contact-us","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F3324b3cde0b84f3b8749e3f6577c6540","Contact Us","SAT Content Icon",{},{"_1290":1565,"_62":1568,"_1174":79,"_1158":1201,"_1204":1569,"_142":79,"_1167":1677,"_1172":51},{"_1510":1566,"_77":1567},"_blank","/asset/o/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F659979229f5449f28c49a65895b9d2ef?alt=media&token=e87850ca-2ec6-4625-a6d9-b2e8a487f1ad&apiKey=3eb6f92aedf74f109c7b4b0897ec39a8","Featured Success Story",{"_37":126,"_13":1570,"_128":1571,"_43":1572},"2d71ea3f63c447d7a361e21502a74e15","success-stories",{"_11":1573,"_13":1570,"_15":1574,"_17":1575,"_19":19,"_20":1576,"_34":1578,"_60":1579,"_45":1672,"_47":1673,"_49":1674,"_50":51,"_54":423,"_56":478,"_58":1675,"_172":1676},1743800825454,"Key Methods","84071192fd6043e68c9d5963be3e722b",{"_26":1577,"_22":63,"_25":60},{"_28":29,"_30":31,"_32":33},[],{"_1580":1581,"_1582":1583,"_1584":1585,"_1586":1587,"_1588":1589,"_1590":1591,"_1592":1593,"_1594":1595,"_495":1620,"_69":1621,"_1622":1623,"_164":1624,"_121":1625,"_370":1574,"_72":1626,"_15":1574,"_1630":1631,"_1632":1633,"_1670":79,"_1671":79},"orderDate","Fri Apr 04 2025 00:00:00 GMT-0700 (Pacific Daylight Time)","caseStudyPdfUrl","https://cdn.builder.io/o/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F659979229f5449f28c49a65895b9d2ef?alt=media&token=e87850ca-2ec6-4625-a6d9-b2e8a487f1ad&apiKey=3eb6f92aedf74f109c7b4b0897ec39a8","companyContactName","Dan Paquette","heroHeadline","The MSP Who Saw It All","fullWidthQuote","

“When your primary security layers are all unified in one platform, it’s easier to build depth with a vendor. And when everything feeds into the same SOC, it’s even better.”

","heroSubhead","How Key Methods Stopped Guessing and Took Control with Huntress Managed SIEM","companyAbout","

Founded in 1998 as a small IT support company, Key Methods found their niche in providing professional technology services that let their customers focus on core business competencies without worrying about their IT infrastructure.

In 2002, they shifted their focus to proactively monitor and maintain their clients’ computer networks. This new approach of focusing on “up-time” instead of waiting for “things to break” helped them grow. Today, their team consists of nearly 20 employees, serving clients around the Pacific Northwest. They look forward to pursuing their goal to be Washington State’s premier IT services company.

","mainContent",{"_1596":1597},"section",[1598,1602,1604,1606,1608,1611,1613,1616,1618],{"_1599":63,"_1600":1601},"columnTwo","columnOne","

Prologue | Key Methods’ history with Huntress

Key Methods first tried Huntress in 2022. They rolled out Huntress Managed Endpoint Detection and Response (EDR) across all their clients for a month, but they scaled back when no major security issues popped up. Instead, they took a more selective approach, using it only when they spotted something suspicious or during new client onboarding.
\n

",{"_1599":63,"_1600":1603},"

Incident one | Managed EDR quickly shuts down a threat

In 2023, Huntress Managed EDR came in handy, flagging suspicious activity inside a client’s network. This wasn’t just any client, however. It was a company handling vast sums of money and a treasure trove of personal data. In other words, a prime target for hackers.

Huntress’ Security Operations Center (SOC) stepped in quickly, working hand-in-hand with Key Methods. In no time, endpoints were isolated, access was shut down, and the threat was contained.

Crisis averted.

…or so it seemed.

",{"_1599":63,"_1600":1605},"

Post-incident | The decision no MSP wants to make

The real challenge started after the immediate threat was handled. Key Methods was left with critical questions that would inform their next steps.

“All we knew was the attackers had possibly seen things they shouldn’t have,” says Dan Paquette, Managing Partner at Key Methods.

The entire Key Methods team was on edge, haunted by questions like, “How did the hackers get in?” “What data was compromised?” “Could they still be in the system?”

With little in terms of logs or data to go on, they had to make the call no MSP ever wants to make—shut everything down.

",{"_1599":63,"_1600":1607},"

Before Huntress Managed SIEM | Playing a costly game of guesswork

The impact was huge. The client faced over a week of downtime, more than $75,000 on incident response (IR) and legal fees, and uncertainty about their future.

“It felt like forever to get the client back online,” Paquette admits. “There were so many unknowns. We were digging through user logs, piecing together backward forensics, but our records only went back so far.”

In the end, it turned out the hacker hadn’t actually stolen any data. Using only screenshots and trickery, they’d pulled off a convincing illusion of a full database breach, leaving the client believing the worst. No data was lost, but the financial and operational toll was massive.

This was a wake-up call for Key Methods. They realized they needed more than just the ability to detect and respond to threats. They needed clear, immediate answers, especially when it mattered most.

",{"_1600":1609,"_1599":1610},"

“Managed SIEM provides us with immediate, actionable insights, so we’re never left guessing during critical moments.”

","

Incident two | Managed SIEM reveals all

Not long after the incident, Huntress launched Managed Security Information and Event Management (SIEM). Key Methods jumped on board, determined to avoid ever being uncertain again. While still fine-tuning when another mass-isolation event hit, the difference was obvious.

This time, a hacker exploited a vulnerability in a client’s firewall. In the past, critical decisions had to be made in real time about whether to call in IR teams, consult legal, or notify cyber insurance. Without solid data, every decision felt like a gamble—overreacting meant wasting time and money, but hesitating could spell disaster.

With Huntress Managed SIEM in place, everything changed. Put simply, there was no more guessing. The system didn’t just flag threats—it connected the dots. Every log, every move, every breadcrumb the attacker left behind was laid out clearly.

With new technology and capabilities at their fingertips, Key Methods had complete clarity to act fast and make the right calls.

",{"_1599":63,"_1600":1612},"

Unraveling the incident | The Huntress SOC paints a clear picture

The Huntress SOC quickly collaborated with Key Methods, providing clarity within hours. Detailed logs revealed the timeline of events and exactly where the attackers had been.

“Thanks to Managed SIEM, we had critical information fast,” said Paquette. “We reviewed the logs and immediately recognized the severity of the issue, allowing us to involve IR and legal teams quickly”

With Managed SIEM’s robust logging capabilities, Key Methods easily exported accurate, reliable data to the IR firm. “There was no question about the quality or authenticity of the logs,” Paquette noted. This significantly accelerated the investigation and led to a crucial finding: no data had been exfiltrated.

“Smaller MSPs like us usually don’t have a SOC,” Paquette explained. “With breaches in the past, we had to bring in an external team, install their tools, and wait for results. This time around, Managed SIEM handled it all. We told the SOC what we needed, ran a quick query, and immediately got clear answers like, ‘No, that executable wasn’t run anywhere else in the organization.’”

With vital insight, Key Methods swiftly shifted their focus to recovery. By isolating affected systems on day one, they could begin restoration efforts right away.

",{"_1599":1614,"_1600":1615},"

“The SOC analyzed every executable across all machines and confidently pinpointed exactly which devices the hackers had compromised. Having access to such precise, actionable information is incredibly powerful.”

","

Incident three | Managed SIEM wins the race against downtime

Weeks later, another mass-isolation event unfolded, this time targeting a bustling factory—a place where assembly lines hum, conveyor belts zip, and products are packaged with non-stop precision. A place where every minute of downtime risked thousands of dollars in lost revenue.

Again, an attacker exploited a vulnerability in the client’s firewall. But this time, there was no panic.

“We got on the phone with Huntress, and a SOC analyst immediately understood the situation,” recalls Paquette. “Within hours, we identified the issue and had already begun restoring operations. This time, legal or IR teams weren’t even needed.”

Armed with real-time intelligence from the Huntress SOC and Managed SIEM, Key Methods knew the attack’s origin with unparalleled speed. The factory was back online the same day.

“The SOC analyzed every executable across all machines and confidently pinpointed exactly which devices the hackers had compromised,” Paquette explains. “Having access to such precise, actionable information is incredibly powerful.”

What could’ve been a financially devastating shutdown was a masterclass in resilience.

",{"_1599":63,"_1600":1617},"

The power of Managed SIEM | Achieving true confidence, clarity, and control

For Key Methods, Managed SIEM brought unprecedented clarity, control, and responsiveness to their operations. With Huntress Managed SIEM, they can:

Respond to incidents in hours instead of days
Minimize client downtime and significantly cut recovery costs
Protect clients from escalating threats while avoiding unnecessary legal or forensic complications
Make decisive, high-stakes calls with confidence because they’re armed with clear insights on what happened, how it happened, and what data was affected

“It’s all about confidence and clarity,” says Paquette. “Managed SIEM provides us with immediate, actionable insights, so we’re never left guessing during critical moments.”

",{"_1599":63,"_1600":1619},"

Why Key Methods is all-in on Huntress

From day one, Huntress Managed SIEM proved its worth by helping Key Methods contain threats faster, reduce downtime, and avoid unnecessary third-party headaches. While hackers rely on staying hidden, Managed SIEM gave Key Methods complete clarity into their malicious ways.

While Managed EDR wasn’t initially a priority, it didn’t take long for Key Methods to see the power of the entire Huntress platform. Now, they’ve expanded further to make Identity Threat Detection and Response (ITDR) and Security Awareness Training (SAT) part of their offerings. Instead of treating them as optional extras, they’ve baked them into their core service plans.

What really sets Huntress apart is the technology, which is purpose-built for the Huntress SOC. This tight integration of proprietary tools and human expertise creates a defense system that radically cuts down on errors, response times, and risks.

“When your primary security layers are all unified in one platform, it’s easier to build depth with a vendor,” says Paquette. “And when everything feeds into the same SOC, it’s even better.”

","Key Methods Logo","keymethods-case-study","introSectionDescription","

Key Methods, a top managed service provider (MSP) in Washington state, has earned a solid reputation for keeping security front and center in their business. They manage more than 2,000 endpoints and support nearly 80 clients, providing all with strong solutions to tackle the toughest threats. But as they’ve learned, when it comes to cybersecurity, it’s not just about stopping attacks—it’s also about understanding what’s really going on behind the scenes.

","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fccbc23d75b9640b69566b916ea6f832a","

Key Methods had seen their share of security incidents. But when one of their clients suffered a mass-isolation event, they realized they were flying blind. Attackers had accessed sensitive data, but without clear logs, they were left scrambling.

",{"_495":1620,"_62":1627,"_74":1628,"_64":1629}," Key Methods Case Study","Key Methods had seen their share of security incidents. But when one of their clients suffered a mass-isolation event, they realized they were flying blind. Attackers had accessed sensitive data, but without clear logs, they were left scrambling.","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F92852707f65d412faf9ede9ade8030f1","companyLocation","Wenatchee, WA","products",[1634,1654],{"_1635":1636},"product",{"_37":126,"_13":1637,"_128":1632,"_43":1638},"671c067f6144c945bfc997d2",{"_11":1639,"_13":1637,"_15":1196,"_17":1640,"_19":19,"_20":1641,"_34":1643,"_60":1644,"_45":1650,"_47":1651,"_49":1639,"_50":51,"_54":55,"_56":55,"_58":1652,"_172":1653},1736141572401,"017139400da04b248757ac73dd38eaff",{"_22":63,"_26":1642,"_25":60},{"_28":29,"_30":31,"_32":33},[],{"_164":1645,"_1646":79,"_1647":1196,"_15":1196,"_495":1648,"_1649":1198},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F284f4bc395cf4c38ae88bfc6f9669fe3","active","shortName","Overwhelming Data Becoming Simplified with SIEM","referenceUrl",{},1756214588904,[],"no8pqcowow",{"_1635":1655},{"_37":126,"_13":1656,"_128":1632,"_43":1657},"664a2fe9c12e9dbfd3b4a0b4",{"_11":1658,"_13":1656,"_15":1184,"_17":1640,"_19":19,"_20":1659,"_34":1661,"_60":1662,"_45":1666,"_47":1667,"_49":1658,"_50":51,"_54":55,"_56":55,"_58":1668,"_172":1669},1736141572469,{"_26":1660,"_25":60,"_22":63},{"_28":29,"_30":31,"_32":33},[],{"_15":1184,"_1580":1663,"_164":1664,"_1646":79,"_495":1665,"_1647":1184,"_1649":1179},"2024-06-04T00:00:00.000Z","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fa31d628a29d240dab4e00080df8ffba1","Man working at a desk with headphones on",{},1756214521979,[],"51aybbhgdtu","showPdf","showAboutAnchorHyperlink",{},1757688896249,1743803252848,[],"5q8ye6yengx",{"_1510":1566,"_77":1567,"_1170":1678},"Read the Study",{},1753628121235,1749565842074,[],"g2Awards",[1685,1704,1721,1736],{"_13":1686,"_15":1687,"_60":1688},"b1ef1fa50cc44b4cb964fcd76ce27c47","Managed SAT Awards",{"_160":1689,"_1690":1691},"Managed SAT","images",[1692,1695,1698,1701],{"_204":1693,"_495":1694},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fae2a45c9194b4f34a7f4ad7f4ab87759","Summer 2025 Momentum Leader G2 Badge",{"_204":1696,"_495":1697},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F6b92a475a7bb4bd58eafba51d5693bc1","Summer 2025 Regional Leader Canada G2 Badge",{"_495":1699,"_204":1700},"Summer 2025 Grid Leader Small Business G2 Badge","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fc616b18ae24d4749a8c402a04f41a674",{"_204":1702,"_495":1703},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F050a3943be914e71917c1908f00a0c7a","Summer 2025 Regional Leader Europe Small Business G2 Badge",{"_13":1705,"_15":1706,"_60":1707},"a15035cbedea4437bf339e54f6573731","Managed ITDR Awards",{"_160":1194,"_1690":1708},[1709,1712,1715,1718],{"_204":1710,"_495":1711},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fbda7bf46f087452fb892ff33fa6566dd","Summer 2025 Grid Leader G2 Badge",{"_204":1713,"_495":1714},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fc2d494c6fd22444b889a68493352a4ce","Summer 2025 Best Est. ROI G2 Badge",{"_204":1716,"_495":1717},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Ffea26f9142474c28b652246476967941","Summer 2025 High Performer G2 Badge",{"_204":1719,"_495":1720},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F83234adbb34d4cae9ed74a8a59e510ad","Summer 2025 Best Relationship G2 Badge",{"_13":1722,"_15":1723,"_60":1724},"f4f2c8064b7e4e92b01a3c95a41dde18","Managed EDR Awards",{"_1690":1725,"_160":1184},[1726,1728,1731,1733],{"_204":1727,"_495":1711},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fa89433591dea43aea06993ea9a932bc0",{"_204":1729,"_495":1730},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F9bc7e0583c1e4f8a8c9a95d8a9eb0136","Summer 2025 Best Results G2 Badge",{"_495":1717,"_204":1732},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fec99ed68cdf14c32991363ad838df7df",{"_495":1734,"_204":1735},"Summer 2025 Best Support Enterprise G2 Badge","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F86c5949a7494413f90457a01724a5554",{"_13":1737,"_15":1738,"_60":1739},"9b043f11647d490c8780d9136cf88b34","Default G2 Awards",{"_1690":1740,"_160":1745},[1741,1742,1743,1744],{"_495":1711,"_204":1727},{"_495":1730,"_204":1729},{"_204":1732,"_495":1717},{"_495":1734,"_204":1735},"default","assetTypes",[1748,1751,1754,1757,1760,1761,1764,1767],{"_13":1749,"_15":1750},"65f3299e49a461b4b9c72e3c","Datasheet",{"_13":1752,"_15":1753},"65f3299e49a461b4b9c72e3e","Handbook",{"_13":1755,"_15":1756},"65f3299e49a461b4b9c72e39","On-Demand Webinar",{"_13":1758,"_15":1759},"65f3299e49a461b4b9c72e38","Report",{"_13":1336,"_15":1339},{"_13":1762,"_15":1763},"65f3299e49a461b4b9c72e3d","Video",{"_13":1765,"_15":1766},"65f3299e49a461b4b9c72e3b","Whitepaper",{"_13":1768,"_15":1769},"65f3299e49a461b4b9c72e3a","eBook","actionData","errors"]