Huntress Unveils ‘Intuitive’ SIEM Offering Tailored To MSPs, SMBs

The vendor’s expansion into SIEM provides a new option that is less complicated and more affordable than competing platforms, while still providing a major improvement to security outcomes, Huntress CTO Chris Bisnett tells CRN.

Huntress unveiled its new managed SIEM offering that aims to be a less-complicated and more-affordable alternative focused on the unique needs of MSPs and their SMB customers, according to Huntress Co-founder and CTO Chris Bisnett.

The expansion by Huntress into SIEM (security information and event management) is part of the vendor’s continuing effort to equip MSPs with a wider array of offerings on one platform for boosting SMB security outcomes, Bisnett said. It’s also significant because SIEM has traditionally been considered too complex and expensive for MSPs, he noted.

As it’s now being offered by Huntress, SIEM constitutes a “huge” opportunity for MSPs, Bisnett said. Key differentiators for the Huntress managed SIEM offering include using highly efficient data collection and retention techniques to keep costs predictable and minimal, which is crucial for service providers, he said.

“It allows us to just drop out significant amounts of data that ultimately has little to no security relevance,” Bisnett said.

According to one MSP and Huntress partner, the vendor’s expansion into SIEM is a welcome move, with Huntress bringing the same streamlined approach to SIEM that it previously brought to endpoint and Microsoft 365 security. The Huntress SIEM provides “one central location where we can calculate and collect a lot of our security data and metrics,” said Marcel Pawlowski, security engineer at Microtime Computers, an Andover, Mass.-based MSP.

The result, Pawlowski said, is that using the Huntress SIEM “really ups our digital forensics and incident response capabilities, while not being overly complicated.”

‘Perfect Balance’

Given that Microtime has four people in its security and engineering department, the MSP isn’t able to staff a 24/7 security team, he noted. The Huntress SIEM provides a “perfect balance” to boost the MSP’s security operations capabilities with its level of staffing, according to Pawlowski.

“I don't need to look at it every day. But at the same time, if an incident happens, I know the data is all there, it's accurate, the data sources are configured properly,” he said. “So it's everything that an MSP is looking for basically.”

Pawlowski said he has used a number of SIEM systems previously in his career, many of which were clunky and difficult to set up. While using the Huntress offering during its private beta, Microtime has found the SIEM to be a refreshing change, he said.

In particular, the user interface is “designed in a way that is very intuitive for somebody who hasn't used a SIEM before,” Pawlowski said. “The query mechanism is very simple. It uses a unified language that the documentation is very clear on. So it's effectively a pickup-and-go sort of solution. Anybody can do it.”

The launch of the Huntress managed SIEM offering follows the company’s June fundraise of $150 million aimed at accelerating its expansion into new product segments.

In addition to SIEM, the SMB-focused managed cybersecurity vendor is eyeing additional categories such as security posture management, as well as offerings that will “reinvent” data backup and recovery, Huntress Co-Founder and CEO Kyle Hanslovan told CRN previously.