Huntress unveiled its new managed SIEM offering that aims to be a less-complicated and more-affordable alternative focused on the unique needs of MSPs and their SMB customers, according to Huntress Co-founder and CTO Chris Bisnett.
The expansion by Huntress into SIEM (security information and event management) is part of the vendor’s efforts at continuing to enable MSPs with a wider array of offerings on one platform for boosting SMB security outcomes, Bisnett said. It’s also significant because SIEM has traditionally been considered too complex and expensive for MSPs, he noted.
[Related: Huntress CEO On Raising $150M To ‘Democratize’ SIEM, Data Protection For SMBs]
As it’s now being offered by Huntress, SIEM constitutes a “huge” opportunity for MSPs, Bisnett said. Key differentiators for the Huntress managed SIEM offering include using highly efficient data collection and retention techniques to keep costs predictable and minimal, which is crucial for service providers, he said.
“It allows us to just drop out significant amounts of data that ultimately has little to no security relevance,” Bisnett said.
Advertisement
According to one MSP and Huntress partner, the expansion by the vendor into SIEM is a welcome move, which is seeing Huntress bring the same streamlined approach to SIEM that it has previously to endpoint and Microsoft 365 security. The Huntress SIEM provides “one central location where we can calculate and collect a lot of our security data and metrics,” said Marcel Pawloswski, security engineer at Microtime Computers, an Andover, Mass.-based MSP.
The result, Pawloswski said, is that using the Huntress SIEM “really ups our digital forensics and incident response capabilities, while not being overly complicated.”
‘Perfect Balance’
Given that Microtime has four people in its security and engineering department, the MSP isn’t able to staff a 24/7 security team, he noted. The Huntress SIEM provides a “perfect balance” to boost the MSP’s security operations capabilities with its level of staffing, according to Pawloswski.
“I don’t need to look at it every day. But at the same time, if an incident happens, I know the data is all there, it’s accurate, the data sources are configured properly,” he said. “So it’s everything that an MSP is looking for basically.”
Pawloswski said he has used a number of SIEM systems previously in his career, many of which were clunky and difficult to set up. During usage of the Huntress offering while in private beta, Microtime has found the SIEM to be a refreshing change, he said.
In particular, the user interface is “designed in a way that is very intuitive for somebody who hasn’t used a SIEM before,” Pawloswski said. “The query mechanism is very simple. It uses a unified language that the documentation is very clear on. So it’s effectively a pickup-and-go sort of solution. Anybody can do it.”
The launch of the Huntress managed SIEM offering follows the company’s June fundraise of $150 million aimed at accelerating its expansion into new product segments.
In addition to SIEM, the SMB-focused managed cybersecurity vendor is eyeing additional categories such as security posture management, as well as offerings that will “reinvent” data backup and recovery, Huntress Co-Founder and CEO Kyle Hanslovan told CRN previously.