Huntress recently announced the general availability of its modern Managed Security Information and Event Management (SIEM) solution at the RSA Conference, introducing enhanced integrations for log sources and expanded compliance capabilities. Fully managed by Huntress’ 24/7 Security Operations Center (SOC), Huntress Managed SIEM hopes to remove the complexity and unpredictable costs that traditional SIEM products bring.
Huntress Managed SIEM enables customers to spot and neutralize threats earlier in the attack chain than they would with an Endpoint Detection and Response (EDR) solution alone. Managed SIEM customers should also experience a faster ROI due to having “expert eyes on their environment from day one.” For example, threat hunting performed by the Huntress SOC discovered an RDP brute force attack less than 15 hours after one customer deployed Huntress. Additional functionality includes:
- Enhanced log ingestion with 20+ new integrations, encompassing firewall, password management, and identity data sources such as 1Password, Keeper Security, Fortinet, Palo Alto Networks, pfSense, SonicWall, Sophos, Ubiquiti, WatchGuard, Barracuda Networks, LastPass, Bitwarden, Duo, DNSFilter, and CloudGen.
- 24/7 detection, response, and threat hunting for specific tradecraft, led by Huntress’ elite SOC team, to neutralize threats such as RDP brute force attempts that often go unnoticed.
- Expanded detection rules, rapid data rehydration capabilities, and enhanced search to speed up investigations.
- Extended data retention of up to seven years for region-specific compliance, financial auditing, PCI-DSS mandates, Cybersecurity Maturity Model Certification (CMMC), and the Australian Signals Directorate’s Essential Eight.
- Pricing based on Huntress’ ability to store only the data necessary for threat hunting, investigation, and compliance.