Huntress Labs, the security vendor known to date for helping MSPs spot hidden intruders in end user environments, has introduced ransomware detection and external reconnaissance services.
The new offerings, which are available now at no extra cost to users of the company’s original “persistent foothold” solution, are the leading edge of a larger, more ambitious strategy to build a continually growing security platform that evolves over time in response to changing threats.
“We’re going to keep adding services where hackers go,” says Huntress CEO Kyle Hanslovan. “If they go to the cloud, we’ll add a service to go to the cloud. If they’re doing bad stuff to backups, we’ll add some stuff to protect the backups.”
The down payment on that vision announced today includes a solution that uses fake files Huntress calls “ransomware canaries” to identify an attack in progress, much the way coal miners once employed canaries as an early warning system for carbon monoxide poisoning.
“As soon as these fake files get encrypted, we’re going to be able to take action,” Hanslovan says, by notifying users of the attack and providing guidance on remediation measures. Integration with third-party BDR solutions that would allow the system to restore encrypted data automatically is on the product’s roadmap for the future.
The external reconnaissance solution, meanwhile, continuously monitors an end user’s attack surface for vulnerabilities, such as the presence of an open RDP port or the absence of a policy requiring complex passwords. “There’s a lot of enterprise tools dedicated to doing this for you, but they’re all expensive,” Hanslovan notes.
Also unveiled today are two tools designed to help MSPs acquire and retain customers more effectively. The first, which Huntress calls its partner enablement service, is a portal that channel pros can employ to plan and execute lead generation campaigns using professionally made, white-labeled marketing resources.
The other new service generates reports designed to help MSPs keep the clients they already have by providing a plain-English rundown of everything that’s happened behind the scenes in recent weeks to maintain security.
“When construction companies haven’t had a safety incident in 200 days, they don’t stop wearing hard hats, but oddly enough in the SMB [segment] when you haven’t had a breach in 30, 60, 90 days, people want to go crazy and remove the firewall and get rid of your two factor [authentication] and all the other things that are keeping you safe,” Hanslovan says. Documenting the hidden but essential work involved in preventing breaches will make talking customers out of moves likes that easier, he adds.
There is no added charge to partners for using any of the new tools or solutions announced today. According to Hanslovan, that will remain true indefinitely. “We have no intent and no plans to change our price, because we’re at a healthy margin level,” he says.
Huntress is similarly committed to charging one rate for its entire portfolio of services rather than collect individual fees for each component of its platform. That’s in distinct contrast, Hanslovan asserts, to vendors who make partners pay an additional dollar or two per endpoint per month every time they roll out a new solution.