Huntress is a security platform that surfaces hidden threats, vulnerabilities, and exploits.
The platform helps IT resellers protect their customers from persistent footholds, ransomware and other attacks.
N/A
ReliaQuest GreyMatter
Score 10.0 out of 10
N/A
ReliaQuest offers Open XDR-as-a-Service via ReliaQuest GreyMatter, a cloud-native Open XDR platform that brings together telemetry from any security and business solution—on-premises, in one or multiple clouds--to unify detection, investigation, response and resilience. ReliaQuest combines technology and 24/7/365 security expertise to give organizations the visibility and coverage they require to make their cybersecurity program more effective. ReliaQuest, headquartered in Tampa, boasts hundreds…
Huntress is great for a managed service provider to provide a better cybersecurity stack to their endpoints/customers. Some smaller clients cannot afford high-priced SOC services but require SOC-level protection. Along with a couple of other layers of security, Huntress provides peace of mind for the MSP that if a threat were to arise, they would be notified with specific instructions for dealing with that threat.
Our company generates more than a terrabyte of log a day and it can easily go above 2 TB a day. We were using out of the box SOC Solution from splunk to manage our SOC. We lacked the know how of using splunk and also lacked the staff to keep the product up to date to help us tackle the latest threats. We outsourced our SIEM/SOAR service to RQ and they helped us with creating new use cases which addressed the latest threat to our organization. RQ has people who research the latest threats and helps us keep up to date on the day-to-day security operations. RQ also helps with data onboarding if required. So we would recommend RQ to customers who are short-staffed and who lack personnel who could research security threats to keep your organization safe from threat actors.
Using the latest industry knowledge of threats that have been ongoing, but not previously known and projecting it back in time against their installed endpoints to identify machines that are vulnerable or breached and when it these events occurred
Very quiet. If they alert, it is a thing.
Very good at remediation.
They communicate extremely well when it matters.
While there are the most extensive products more often than not they are the first to alert us to a threat.
Some Analysts are relatively fresh to SOC. They sometimes get put into supporting large infrastructures.
RQ has a ton of correlation searches that they use to provide end-to-end visibility. Most of them can be restructured to get the same results and this can reduce the number of correlation searches.
We dropped SentinelOne in favor of Huntress because the UI was much more simplistic for the tier 1 techs to maintain. It beats the old web design model of three clicks to where you want to go. It is very intuitive. No one needs training to figure out how to navigate its console.
Firstly from a business model, [VMware] Carbon Black [Cloud Managed Detection] was not outfitted for the MSP where Huntress is very MSP-friendly from an affordably easy point to entry to value for money licensing. Carbon Black TS is not bad in anyway, well, that we found, but Huntress is a new layer of security that fits between the OS and AV layers to provide additional information, monitoring, and detection. With Huntress backing the MSP, [it] sure does help as well.
Reliaquest is vendor agnostic. They have a lot of correlation searches that they use to provide security for your organizations. Compared to other products we have tried we felt that they are the only company that is doing proper market research on the latest and greatest threat to our vertical and coming out with the latest methods to keep up to date. RQ also has a good leadership structure that we could rely on if we run into any escalations. Compared to other products that we tried they try to work with you holding hands trying to resolve your problems.
RQ's Greymatter content has enriched our SOC experience because we always felt Splunk's out-of-the-box use cases were not sufficient enough to provide end-to-end coverage.
RQ specializes in a lot of big data solutions so that we can rely on them to help us troubleshoot tasks and also make sure our security solutions are working accurately.
