24/7 Security Operations Center Backed by Our Partners Huntress
People-Powered Threat Hunting
Automation can alert — but it doesn’t stop real threats. That’s where human security experts make the difference. Our SOC team — backed by Huntress’s global experts — investigates threats, analyzes attacker techniques, and shuts down malicious activity around the clock, so you don’t have to.
Industry-Proven Performance
With Huntress powering our SOC:
8 min
Industry-leading average time to respond (MTTR)
100+
threat analysts worldwide
98.8%
customer support satisfaction score
<1%
False positive rate across 4M endpoints
78k
Confirmed high/critical incident reports sent in 2024
8k
Confirmed High/Critical identity incidents reports sent in Jan ‘25
How Our SOC Protects You
We don’t just collect data — we act on it. Unlike tools that generate noise, our SOC works seamlessly with the Huntress platform so detection and response happen in an integrated way, giving you clear, actionable security when it matters most.
Threats the Huntress SOC is Wrecking
The Huntress SOC continually hunts the kinds of sophisticated attacks targeting businesses today — from zero-day vulnerabilities to widespread malware and post-compromise activity. Our team has:
SlashAndGrab
CVE-2024-1709, CVE-2024-1708
- Quickly reverse-engineered the ScreenConnect vulnerability delivering a universal hotfix
- Issued first public detection guidance (with ongoing updates)
- Collaborated directly with ConnectWise to facilitate their response
FOUNDATION Accounting Software
- Uncovered an emerging threat affecting the construction industry
- Confirmed 33 publicly exposed hosts with unchanged default
- Shared findings with FOUNDATION to support their response plan
Cleo
- Stopped active threats to endpoints with Managed EDR IP Blocking feature
- Created custom detections for compromised Cleo Lexicom, VLTransfer, and Harmony products
- Launched investigation guide to triage in a scalable and consistent way
CrushFTP
CVE-2025-31161
- Found additional post-exploitation threat actvity abusing RMM tooling
- Notified 70+ customer companies running unpatched versions of CrushFTP
- Released two public Sigma rules to help improve detection for the broader community
Qakbot
- Delivered 10,000+ incident reports to customer and partners
- Created internal vaccine to shutdown Qakbot on endpoints
- Cut new Qakbot infections to nearly zero in two weeks post-vaccine.
Kaseya
- Hosted a community webinar for MSPs and resellers during the recovery phase
- Pushed internal vaccine to all Huntress agents within hours of initial attack
- Partnered with law enforcement, cloud service providers, and Kaseya security team on recovery efforts
Prominently featured in
Inside the Mind of a Hacker
AI can speed things up, but it doesn’t have our SOC’s insights into the techniques and tradecraft of modern hackers. Check out these examples of what our experts watch out for 24/7.
Our Team, Your Defenses
Behind the tech is a global team of security professionals — analysts, threat hunters, and product researchers — all working 24/7/365 to keep your business safe