The historical answer to this question has been antivirus and firewalls. However, the last several years have demonstrated that hackers can slip past these preventative technologies, with devastating results for the victims. For the co-founders of Huntress, this was a fact of life realized every day during their 10 years in the US Intelligence Community. During this time, they supported offensive cyber operations and specialized in gaining and maintaining long-term access to targeted networks. Although this work was exciting, it left the team feeling like they could be doing more to protect computers from similar attacks.
In March 2015, the team started brainstorming how to complement IT departments’ existing security investments without requiring cybersecurity experts. One of their ideas focused on discovering the footholds hackers use to maintain an undetected presence within a network. Armed with a prototype nicknamed “Huntress”, they deployed this solution to 600 computers at a Government hacking exercise. To everyone’s amazement, Huntress detected 37/37 compromised computers which were protected with antivirus and a host-based intrusion system.
At that moment, the team knew they were onto something important. With their lightweight agent, Huntress could detect a compromise before the breach became serious (similar to doctors that discover early signs of cancer before it becomes terminal). This enabled early partners like MNS Group to proactively defend their customers for a fraction of the cost of in-house cybersecurity personnel.
“We’ve seen immediate results with Huntress, finding malware that slipped past reputable anti-virus software. For example, one of the threats Huntress identified was latent software on an employee’s accounting computer, which could have given access to banking account information.” — MNS Group
Fast forward to November 2016 and Huntress has significantly matured from a crude prototype to a Managed Breach Detection and Response service. Our partners regularly deploy the Huntress agent with LabTech, Kaseya, and N-Able RMM software. When a compromised host is discovered, we deliver high-fidelity breach notifications and removal instructions (not endless alerts) directly to their ConnectWise service boards. The combination of antivirus and Huntress enables our partners to provide a more comprehensive security service capable of protecting computers from modern-day attackers.