I see improvements to the HaloPSA integration as something that could be better; it would be good to see more information in the ticket raised. Currently, it can sometimes just say there's been an incident because of a VPN login. What would be really crucial would be to see the affected user and some of the login information ahead of time so we can react faster or slower if needed. I would also mention that we have a very large charitable customer who can't afford Huntress Managed ITDR, but they need it the most; if there was some charitable way of supplying Huntress Managed ITDR, we could really benefit from that. Additionally, education is very crucial, but they often don't have the budget or their budget is government-funded and requires bidding. If there were educational or nonprofit funding, that would be really helpful.
Cyber Security Analyst at a manufacturing company with 51-200 employees
Real User
Top 5
Oct 24, 2025
A downside of Huntress Managed ITDR is that some devices show they are not super compatible with the Defender for Endpoint integration. I still see many issues indicating that devices are not compliant due to policy conflicts, and it has been almost a month trying to figure out how to make all devices compliant. That is the main disadvantage I have seen. Regarding the alerts in Huntress Managed ITDR, they are decent, but they still have lagging features. I would say it is just another simple version of Azure's conditional access policy, and they could add many more features to it.
In areas where Huntress Managed ITDR could improve, I would suggest exclusions and the ability to add whitelisting for file types or select files, making it more transparent.
Head of IT at a tech services company with 51-200 employees
Real User
Top 10
Jun 27, 2025
In my opinion, Huntress Managed ITDR has room for improvement in the speed of some screen refreshing, as it isn't as fast as it perhaps could be. The fact that it caches results is a bit odd for a security product. Other than that, it's a very simple and easy-to-use interface in terms of recommendations and feedback. There's not really much at the moment I would look to change. It would be nice to have more customization around the reporting, beyond changing the logo and the color scheme, to generate a more executive summary for our board. At this point, that's really nitpicking. In terms of the actual product features, it's been pretty good. I haven't seen if there's a way to create custom alerts and custom rules for identification, but if there was, that would probably be useful as well.
The product needs further maturity, with some improvements in the user interface. There's a confusing aspect with the escalation options; applying conditions to a specific identity is not immediately visible and requires using a three-dot menu. Additionally, the rogue apps feature is in beta and currently lacks functionality.
Huntress Managed ITDR specializes in protecting Microsoft 365 environments by analyzing abnormal logons, run events, and unsanctioned VPNs. It offers efficient deployment, direct SOC support, and seamless integration with Microsoft Defender, enhancing security strategies against identity compromises.Huntress Managed ITDR provides a robust platform for centralized management of Microsoft environments. It emphasizes fast deployment and automatic remediation to protect against threats such as...
I see improvements to the HaloPSA integration as something that could be better; it would be good to see more information in the ticket raised. Currently, it can sometimes just say there's been an incident because of a VPN login. What would be really crucial would be to see the affected user and some of the login information ahead of time so we can react faster or slower if needed. I would also mention that we have a very large charitable customer who can't afford Huntress Managed ITDR, but they need it the most; if there was some charitable way of supplying Huntress Managed ITDR, we could really benefit from that. Additionally, education is very crucial, but they often don't have the budget or their budget is government-funded and requires bidding. If there were educational or nonprofit funding, that would be really helpful.
A downside of Huntress Managed ITDR is that some devices show they are not super compatible with the Defender for Endpoint integration. I still see many issues indicating that devices are not compliant due to policy conflicts, and it has been almost a month trying to figure out how to make all devices compliant. That is the main disadvantage I have seen. Regarding the alerts in Huntress Managed ITDR, they are decent, but they still have lagging features. I would say it is just another simple version of Azure's conditional access policy, and they could add many more features to it.
In areas where Huntress Managed ITDR could improve, I would suggest exclusions and the ability to add whitelisting for file types or select files, making it more transparent.
In my opinion, Huntress Managed ITDR has room for improvement in the speed of some screen refreshing, as it isn't as fast as it perhaps could be. The fact that it caches results is a bit odd for a security product. Other than that, it's a very simple and easy-to-use interface in terms of recommendations and feedback. There's not really much at the moment I would look to change. It would be nice to have more customization around the reporting, beyond changing the logo and the color scheme, to generate a more executive summary for our board. At this point, that's really nitpicking. In terms of the actual product features, it's been pretty good. I haven't seen if there's a way to create custom alerts and custom rules for identification, but if there was, that would probably be useful as well.
More in-depth reporting could be beneficial for the solution.
The product needs further maturity, with some improvements in the user interface. There's a confusing aspect with the escalation options; applying conditions to a specific identity is not immediately visible and requires using a three-dot menu. Additionally, the rogue apps feature is in beta and currently lacks functionality.