Huntress Empowers Businesses to Take Control of Their Identity Security with Enhanced Managed Identity Threat Detection & Response Solution

Huntress becomes first vendor to offer proactive protection against OAuth application threats with new solution that solves identity security challenges in Microsoft 365 environments

/EIN News/ -- COLUMBIA, Md. and SAN FRANCISCO, CA, April 28, 2025 (GLOBE NEWSWIRE) -- Today, at the RSA Conference, Huntress unveiled its newly enhanced Managed Identity Threat Detection and Response (ITDR) solution, purpose-built to wreck hacker identity tradecraft, alongside new research on the growing threat of identity-based attacks and organizations' ability to defend against them.

Drawing insights from an independent UserEvidence survey of more than 600 IT and security professionals, the Huntress 2025 Managed ITDR Report: Identity Is the New Security Perimeter reveals key trends highlighting the growing frequency, severity, and cost of identity-based attacks:

• Identity-based attacks are rising. A staggering 67% of organizations reported an increase in identity-based incidents over the past three years, with these attacks comprising more than 40% of security incidents for more than a third (35%) of organizations in the past year alone.
• Rogue applications are a top concern. Nearly half (45%) of respondents encountered rogue and/or malicious applications in the past year, and 46% cited them as a top identity-based concern.
• Detection and response times are lagging. More than half of organizations (53%) say it takes them hours to detect identity-based security incidents, with over two-thirds (68%) unable to detect or respond until attackers have already established persistence.
• The financial impact is significant. The consequences of these attacks go beyond downtime and reputational harm, with 32% of businesses impacted by identity-based incidents reporting losses exceeding $100,000.

“There’s no denying identity is the new endpoint. With widespread cloud adoption, the shift to hybrid work, and an increased reliance on SaaS applications, the identity attack surface has exploded over the past few years,” said Prakash Ramamurthy, Chief Product Officer at Huntress. “Hackers are no longer wasting time breaking into networks the hard way. They’re logging in using stolen credentials, session cookies, and access tokens to bypass endpoint protection and exploit weak multi-factor authentication. Our Managed ITDR solution gives organizations the proactive detection and response they need to take control of their identity security posture before attackers do.”

Advanced Detection and Response Capabilities For “Always-On” Protection
Protecting more than 1.8 million identities, Huntress Managed ITDR has stopped 28,000 identity attacks and counting in the last six months. With a 3-minute mean time to respond (MTTR) and a low false positive rate, Huntress Managed ITDR stops threats like phishing, Adversary-in-the-Middle (AitM) attacks, and full-scale account takeovers before they escalate. Powered by Unwanted Access, Shadow Workflows, and its new Rogue Apps capability, the solution dismantles the identity tradecraft hackers love to abuse with three primary capabilities:

1. Rogue Apps: A new capability that makes Huntress the first vendor to offer proactive protection against OAuth application threats. These applications are frequently weaponized to access valuable data and establish persistent backdoors that can lurk in environments for years undetected. Rogue Apps proactively detects malicious or risky OAuth applications installed in Microsoft 365 environments and gives clear, actionable steps for removal.
2. Unwanted Access: Session hijacking and credential theft are two primary ways hackers take over accounts. Unwanted Access shuts down this tradecraft by detecting and responding to any unexpected login behaviors, location-based or VPN anomalies, isolating the compromised identity before it can be exploited.
3. Shadow Workflows: Hackers often manipulate email delivery using inbox rules and mail forwarding techniques to carry out business email compromise (BEC) scams or steal sensitive data. Shadow Workflows monitors and detects malicious inbox and forwarding rules so emails stay secure and only reach their intended destination. More features for this capability will be released in Q2 to detect malicious outbound phishing campaigns.
   

“Through our research, it became strikingly clear that the threat posed by malicious OAuth applications was far greater than initially anticipated,” said Matt Kiely, Principal Cybersecurity Researcher at Huntress. “That realization drove us to develop the Rogue Apps capability to empower organizations to proactively detect and eliminate these threats. With this new capability, we've already analyzed over 20 million OAuth applications across our customer base and have been able to pinpoint those most likely to be malicious with incredible precision. This allows us to shrink the proverbial haystack, quickly find malicious OAuth applications, and swiftly take action.”

“Huntress Managed ITDR has been a game-changer for us. Not only is it priced in a way that actually works for our clients, but it’s also made managing their Microsoft 365 identities and email environments so much easier,” said Ryan Rowbottom, Director of IT Services at PCS. “The tool is super effective, and the team at Huntress keeps rolling out new capabilities like Rogue Apps to help us stay ahead of attackers. While I was initially skeptical because the price seemed almost too good to be true, I’ve been completely won over.”

Additional resources:

• Attending RSA Conference? Stop by booth #1945 in the Moscone South Expo to learn more about Huntress Managed ITDR.
• Discover the real-world impact of identity-based attacks, how businesses are fighting back, and steps to boost your identity security in our latest research.
• Attacks are getting personal. Start a free trial of Huntress Managed ITDR to take control of your identity security.
• Register for the webinar “Identity Is the New Endpoint: Meet the Next Evolution in Threat Detection” on May 6, 2025, to hear from our experts on identity-based attacks and how to stop them.

About Huntress
Huntress is the enterprise-grade, people-powered cybersecurity solution for all businesses, not just the 1%. With fully owned technology developed by and for its industry-defining team of security analysts, engineers, and researchers, Huntress elevates underresourced tech teams whether they work within outsourced IT environments or in-house IT and security teams.

The 24/7 industry-leading Huntress Security Operations Center (SOC) covers cyber threats for outsourced IT and in-house teams through remediation with a false-positive rate of less than 1%. With a mission to break down barriers to enterprise-level security and always give back more than it takes, Huntress is often the first to respond to major hacks and threats while protecting its partners and shares tradecraft analysis and threat advisories with the community as they happen.

As long as hackers keep hacking, Huntress keeps hunting. Join the hunt at www.huntress.com and follow us on X, Instagram, Facebook, and LinkedIn.

Huntress Contact:
Aaron Deal
press@huntresslabs.com

A video accompanying this announcement is available at: https://www.globenewswire.com/NewsRoom/AttachmentNg/e775d6aa-6345-49d6-bf8d-a8964910cc1a