Left of Boom: Closing the Identity Gaps Attackers Love with Huntress ISPM

A login came from the Netherlands. The credentials were valid, MFA was configured, but the attacker got in anyway. Four hours later they were in the email. Two days later they were in the financials. By the time anyone knew, the organization was down. At $1,500 a minute, they weren't asking how it happened. They were asking how to stop the bleeding.

Three settings made this possible. System-preferred MFA wasn't on. Auth app fatigue protections weren't configured. MFA wasn't required to join the device. All default. All open. All preventable.

This is one incident. Huntress assessed 10,500 organizations during early access and found versions of this story everywhere. The gaps are not exotic. They are sitting open right now in environments that have security tooling already deployed.

On June 16th we launched Huntress Managed ISPM. We are going to show you what these gaps look like, walk you through the incidents they caused, and show you what closing them actually looks like in practice.

What we’ll cover:

• Microsoft 365 identity gaps that keep showing up and why they’re so easy to miss

• What we’re seeing in Early Access across real environments, including the posture issues that show up most often

• Guest perspectives on what it really takes to harden Microsoft 365 without creating more operational drag

• A live look at how Managed ISPM helps teams spot problems, prioritize fixes, and make progress faster 

Session 1: Guest Panelists - Steven Clark, Christian Vazquez, Tom Lawrence

Session 2: Guest Panelists - Chris Nault, James Allen