In 2023, Huntress Managed Endpoint Detection and Response (EDR) conducted an assessment to detect exposed passwords across all of our managed endpoints and found that 1.6% (that’s tens of thousands) held plaintext files containing exposed passwords. Seeing that such a simple security hygiene measure was causing extremely high levels of human risk across our user base, we gave our partners and customers free access to Huntress Managed SAT’s “Storing Passwords” episode to educate their end users on the dangers of having unprotected passwords readily available to hackers.
But human risk can manifest itself in many other ways that are more difficult to identify and address. You can try to lower your risk levels by assigning security awareness training (SAT) to give users a baseline of basic cybersecurity best practices. You can even launch phishing scenarios to ensure that they’re remaining vigilant and to catch risky behaviors before they happen with the real thing.
Even with those preventive measures in place, humans are inherently fallible. Some threats will still slip through the cracks. In fact, research shows that 60% of all breaches in 2024 still involved some form of the human element.
So, how do you better manage your human risk levels and address the risky behaviors that do slip through the cracks to cause real incidents? What measures can you take after these incidents have occurred to prevent them from happening again?
Introducing Behavior-Based Assignments
We’re excited to introduce the first-of-its-kind Behavior-Based Assignments, a novel capability for you to identify and mitigate human risks in an organization. With the combination of Huntress Managed SAT and Huntress Managed EDR, and Huntress Managed ITDR, you can now identify and mitigate risky behaviors that happen in the real world, directly from Huntress Incident Reports.
This allows you to turn real-world incidents into teachable moments that improve your security posture and help build a positive security culture without shaming users for their mistakes.
You can now address the specific behaviors that caused an incident with targeted training.Here’s how it works
Whether falling victim to an Adversary-in-the-Middle (AiTM) phishing attack or launching a malicious PDF sent via email, you can now educate users with tailored and timely episodic training specific to the exact behaviors that caused an Incident. Directly from the Huntress Platform, you can provide targeted, real-time training to address an individual user or across an entire organization to lower your human risk levels.
Once an incident is triggered through Managed EDR or Managed ITDR, our Security Operations Center (SOC) generates a report. In that report, we’ve added a new tab called “Recommendations.” Within this tab, you’ll see the recommended Managed SAT episode(s) based on the specific behavior(s) that triggered the incident.
The Recommendations tab is the newest addition to Huntress Incident Reports.From there, you can assign the episode(s) to the individual who carried out the risky behavior, or the organization as a whole.
Address the individual or train the whole organization if you think this behavior is more widespread.You can enroll the learner(s) with an assignment message directly from the report, with an enrollment message alerting the learner as to why the assignment was created.
Enrollment message alerting learners Once you’ve assigned it, that’s it! You’ve successfully addressed risky behaviors happening in the wild to mitigate the risk of them happening again!
With Behavior-Based Assignments, you’ll be able to keep up with hackers better and lower your human risk levels.
This is a completely free value-add for any of our Managed EDR+SAT or Managed ITDR+SAT partners and customers. You’ll automatically be opted in to enjoy easier human risk management.
Want to learn more about Huntress Managed SAT, Managed EDR, and Managed ITDR? Reach out to one of our experts to learn more or sign up for a free trial now!
And have your say in what we build next—from SAT features and beyond. Join us at The Product Lab to get the inside scoop on our latest product innovations and tell us what you want to see on our roadmap.
