Cybersecurity firm Huntress has rolled out a pair of new products aimed at helping businesses shore up security weaknesses before attackers can exploit them, a shift from the reactive, detect-and-respond model that has long defined the industry.
The company announced Managed Endpoint Security Posture Management (ESPM) and Managed Identity Security Posture Management (ISPM), expanding its platform to address what security experts say is one of the most persistent problems in enterprise security: misconfigured systems that sit quietly vulnerable until someone exploits them.
The launch is the latest step in an aggressive growth push for Huntress, which acquired identity security startup Inside Agent in November 2025. That deal, which brought specialised expertise in Microsoft 365 and Entra ID hardening into the fold, proved to be a fast-track to market. Huntress says it built Managed ISPM in under four months by drawing on Inside Agent’s capabilities and team. Meanwhile, Managed ESPM was built from the ground up in parallel. The speed of both developments signals how central posture management has become to Huntress’s broader platform strategy.
The timing is notable. Huntress’s own research found that abuse of remote monitoring and management tools surged 277% year-over-year, while nearly 30% of all identity-based threats involved mailbox manipulation or OAuth abuse, exactly the categories the new products are designed to address. Ransomware groups and financially motivated threat actors have increasingly relied on these vectors precisely because they tend to fall through the cracks of traditional endpoint protection tools.
“Most organisations don’t have a clear picture of their security posture, especially across endpoints,” said Gabe Knuth, Principal Analyst at Omdia. He noted that on average, a third of workplace devices are unmanaged, with more than half completely invisible to security teams, creating a significant blind spot that attackers are only too happy to exploit.
Managed ESPM is designed to give IT teams control over which applications can run across endpoints. That means blocking rogue remote-access tools, a growing attack vector, enforcing configuration standards, and helping teams prioritise vulnerability patching through a tight integration with Microsoft Defender for Endpoint. A compliance reporting dashboard is built in, with Huntress claiming it can cut attestation time from days to minutes, a meaningful benefit for organisations navigating frameworks like CMMC or CIS benchmarks.
Managed ISPM addresses the identity side, applying security policies to Microsoft 365 environments based on a combination of Microsoft’s guidance, industry standards, and techniques observed in real-world attacks. It continuously scans Entra ID and Conditional Access configurations for gaps. If an unauthorised change is detected, a common tactic used by attackers to establish persistence after gaining access, the product can automatically roll it back within minutes, before the foothold can be exploited.
What sets both products apart from legacy posture management tools, according to Huntress, is the degree to which the company’s security operations centre absorbs the operational burden. Traditional tools in this space tend to surface long lists of findings and leave customers to prioritise and remediate on their own, a process that demands dedicated security expertise most small and mid-sized organisations simply don’t have. Huntress says its analysts actively define, deploy, and maintain security controls on behalf of clients, drawing on threat intelligence gathered from more than 4 million protected endpoints and 10 million identities.
Chief Product Officer Prakash Ramamurthy framed the launch as a significant expansion of the company’s offerings. “We see attackers exploiting the same security gaps over and over again,” he said. “We built Managed ESPM and Managed ISPM to close those gaps before attackers can exploit them. Customers now get a comprehensive agentic security platform that not only stops hackers from getting in the door, but also provides the industry-leading threat detection and response they rely on when adversaries do get past controls.”
Early testers have been encouraging. Tzvi Shoop, a cybersecurity consultant at managed service provider Digacore, said trialing the endpoint product during the alpha programme proved “transformational” for his team, allowing Huntress to take on the ongoing work of maintaining client environments in a hardened state. He added that the company’s transparency throughout the process had been a distinguishing factor.
Both products are currently available through an early access programme, with general availability expected by summer 2026. Huntress will be showcasing the new tools at RSA Conference at booth S-3301.
