Annie Ballew 01.26.2021

Huntress Service: Managed Antivirus

Keeping up with today’s threat landscape isn’t just about tracking hacker techniques and tradecraft (although, it is one of our favorite things to do). We’ve always said the best offense is a good defense, and that means we must keep an eye on how cyber defenses are changing as well.

When we unveiled the new Huntress Security Platform back in June, our main goal was to streamline defense. We talked about tightening our defender feedback loop and accelerating the ability to apply new defense strategies; the Platform was our way of enabling continuous updates and adaptation with reduced management and procurement overhead. 

To fit within this goal of streamlining defense, we’re thrilled to introduce our newest service: Managed Antivirus.

What is Managed Antivirus?

The latest addition to Huntress’ Security Platform, Managed Antivirus enables partners to monitor and manage Microsoft Defender Antivirus that comes pre-bundled with recent versions of Microsoft Windows.

Yup, you heard right—Microsoft Defender Antivirus.

Defender consistently ranks as a top AV product—plus it’s already built into the Windows OS, which means leveraging it can help you strengthen frontline protection without adding a new attack surface or paying extra. And extracting the most out of these existing investments is exactly why we brought Managed AV to market. 

Managed AV allows you to rethink your existing antivirus solution and look inward as a way to rebalance your security stack. And don’t just take our word for it:

“Having Huntress as an added layer of security has already demonstrated a marked improvement in our ability to secure our clients. Managed AV just adds another option for our clients when it comes to taking care of their security stack.”  - Matthew Coleman, Founder and CEO at Strategic Technical Services

“Huntress’ Managed AV will go a long way in giving customers options based on their appetite for risk. For those smaller customers who have a more base-level need, I can come in with a price point most are paying just for having AV and add on the additional layer of detection and response as a way to shore up their endpoint security." - James Bierly, Consultant/Owner at Secure Point Solutions 

Getting the Most Out of What You’ve Already Paid For

“How can I improve cybersecurity?”  🤨 

As we all know, that’s a super complicated question. Let’s take a step back and recap how most security decisions are addressed:

  • “We need to do a gap analysis!”  → Complete gap analysis
  • “We have gaps!”  → Find solutions to fill those gaps
  • “We need more tools to fill these gaps!” → Buy and implement new tools
  • “We need to do it all again!”  → Start over 

But as we all know, adding new tools is not that simple. Not only is there a financial burden, but adding new tools adds operational complexity. 

Look at it this way: If your goal is to increase your net profit, you have a few levers right?  Increase your revenue -- OR -- decrease your costs. Can’t the same be applied to security? Rather than spend more on additional security tools, what about extracting value out of investments you’ve already made? 

This is what we’re trying to do with Managed AV. 

You and/or your customers have made an investment with Windows which includes Microsoft Defender Antivirus. Based on our conversations with our partners over the past several years, being able to actually include Defender as part of your security strategy has been challenging. Now is the time to look inward instead of outward.

What’s Different about Microsoft Defender?

For a long time, Microsoft Defender Antivirus was simply not a viable candidate as an antivirus solution for our partners in the channel space; there were two significant obstacles:

1. It simply wasn’t a good antivirus, antimalware, anti-anything solution.

2. It did not meet must-have requirements for management and visibility--especially for the way in which endpoints are managed by our channel partners.

For the first problem, Microsoft has put in significant investment and has dramatically improved the efficacy and viability within Microsoft Defender as a leading contender for antivirus. Even combing through internet articles and search results, there is more and more discussion about whether Microsoft Defender might be good enough. Check out this blog to dive in further.  

But that leaves us with the second problem. Just because Defender can catch more things doesn’t mean it is a manageable option for our partners by itself. Not having visibility into it or the ability to control it has traditionally been a huge hurdle preventing partners from truly taking advantage of it.  ← THIS is what we are solving for with this new service announcement.

Why Are We Doing This? 

At Huntress, we want to challenge the way you think about your security investments. Rather than just spending more to fill in gaps, we want you to think about how you can extract value from untapped security resources found within your existing investments.  

I’ve posed this question before and I’ll say it again: Would you rather a) pay extra for a slightly better antivirus solution, or b) take those funds and redirect them towards another untapped security layer? Which option would maximize your security ROI?

Our goal at Huntress is to give you the ability to constantly improve and accelerate security for your end users. Managed Antivirus is our next step towards delivering on this goal.

What Can I Do with Managed Antivirus? 

Managed Antivirus gives you a centralized view into the status of Microsoft Defender Antivirus across all the endpoints you manage -- filling in that missing piece for IT administrators. 

With Managed Antivirus, you can:

  • Centrally monitor and manage Microsoft Defender Antivirus configuration in order to enforce configuration compliance across all endpoints, with inheritance over accounts and organizations.
  • View and examine incidents flagged by Defender, including event details and remediation steps taken.
  • Gain visibility into the health, status, latest scan and signature updates for all hosts.

Dashboard: Managed AV service

Why is Managed AV in Public Beta?  

Through our conversations and testing so far, we’ve received tons of valuable feedback from our partners on what they would like to see with Managed AV. But while we work on delivering these additional items, should we lock up everything we’ve built so far? 

I’ve spoken to the way in which Huntress does things before and our philosophy at Huntress is that if we can bring our partners incremental value now, we should.  

“With problems changing all the time, there is risk of spending too much time potentially chasing an outdated problem. If we wait until full release, a lot of time passes between when development starts and when our partners and customers can start receiving value. Especially in cybersecurity, we just don’t have that luxury of time given how fast our adversaries evolve — so why wait?” - Me 

Not only that, we want to build solutions that are solving your problems. And the way to do that is not by engineering in a vacuum. By rolling out new items early and often, we can gather your feedback and build them back into our services.

How Can I Start Using Managed AV?

For our Huntress partners, it’s as simple as just starting to use the service from within your Huntress dashboard. Agents are already installed and Huntress will start reporting on the status and running configuration of Microsoft Defender on each endpoint for you to start managing.

For anyone else, we still have our signature simple agent deployment and it’s as easy as starting up a Huntress trial to get started!

To learn more about Managed AV, watch our recent product webinar with the Huntress founders.

avatar

Annie Ballew

Technical Marketer. Security Maven. Product Marketing Manager at Huntress.