Huntress expands posture management products
Huntress added posture management capabilities to its Agentic Security Platform to proactively reduce attack surface and improve resilience, emphasizing continuous control validation. The rollout supports the shift to 90‑day and continuous Zero Trust assessment models for identity, device, and access controls. (globenewswire.com)
Managed Endpoint Security Posture Management (Managed ESPM) and Managed Identity Security Posture Management (Managed ISPM) are being offered in Early Access by Huntress. (huntress.com/blog/proactive-security-posture-management) Huntress built Managed ESPM from the ground up and states Managed ISPM was developed in less than four months by leveraging the Inside Agent acquisition announced on November 18, 2025. (huntress.com/press-release/huntress-platform-expands-new-posture-management-products) (huntress.com/press-release/huntress-acquires-inside-agent-to-strengthen-identity-security-posture-management) Huntress says its AI‑centric SOC and threat intelligence feed are drawn from roughly 4.8 million endpoints and 10 million identities to translate telemetry into proactive posture actions. (huntress.com/blog/proactive-security-posture-management) The forthcoming ISPM will run “over 100 checks and balances” across environments and continuously monitor for misconfigurations, stale accounts, and excessive privileges, per Huntress’ Inside Agent integration notes. (huntress.com/press-release/huntress-acquires-inside-agent-to-strengthen-identity-security-posture-management) Huntress’ telemetry highlights a 277% year‑over‑year surge in abuse of remote monitoring and management (RMM) tools and reports mailbox manipulation plus OAuth abuse account for nearly 30% of identity‑based threats, while logins with risky footprints make up 37% of investigated identity threats. (huntress.com/press-release/huntress-platform-expands-new-posture-management-products) (huntress.com/blog/proactive-security-posture-management) Huntress device‑posture attributes are consumable by third‑party access controls and were integrated into Tailscale’s device‑posture policies when the Huntress integration became generally available on February 18, 2026. (tailscale.com/blog/huntress-device-posture-integration) Huntress documents HTTP Event Collector (HEC) and API‑based SIEM ingestion for external SIEMs (including Splunk HEC workflows) and notes that only account‑level admins can create new SIEM sources, while community tooling such as the pyhuntress API client was published to PyPI (released January 15, 2026) to automate integrations. (support.huntress.io/hc/en-us/articles/42333959733523-HEC-Wiz) (support.huntress.io/hc/en-us/articles/46331521446931-Troubleshooting-SIEM-HEC-and-API-based-Collection) (pypi.org/project/pyhuntress)
