
Huntress & Microsoft partner to boost business cybersecurity
The partnership will see Huntress' cybersecurity solutions integrated with Microsoft Defender for Endpoint, Defender for Business, Defender Antivirus, as well as Microsoft 365 Business Premium, E3, and E5 licenses. The companies state that the collaboration is designed to offer enhanced protection to businesses of all sizes that rely on Microsoft's ecosystem, many of whom face resource and expertise challenges in making full use of their security investments.
Addressing cybersecurity challenges
Over 300 million organisations worldwide use Microsoft's software, but according to Huntress, many struggle to access the complete capabilities of the security tools included with their Microsoft licenses. Organisations with limited in-house cybersecurity abilities often leave advanced threat protection features underutilised.
Huntress' solutions - including Endpoint Detection and Response (EDR), Identity Threat Detection and Response (ITDR), Security Information and Event Management (SIEM), and Security Awareness Training (SAT) - are designed to integrate smoothly with existing Microsoft environments. These tools are supported by a 24/7 Security Operations Center (SOC) which the company says enables continuous protection against emerging threats.
Quotes from leadership
"Huntress was founded to make enterprise-grade security accessible to all businesses. Businesses worldwide trust Microsoft's ecosystem, but often don't fully use its potential due to limited resources or expertise. We deliver the technology and integrations needed to unlock the full value of Microsoft's security solutions, empowering businesses of all sizes to operate securely and confidently in an evolving threat landscape," said Chris Bisnett, CTO at Huntress.
Microsoft's Steve Dispensa, Corporate Vice President of Security, also commented on the collaboration: "With cyberattacks growing in both volume and complexity, businesses face mounting pressure to protect their environments with limited resources. Huntress' integrations with Microsoft 365 Business Premium and Microsoft Defender for Endpoint empower organizations to not only strengthen their security posture but also fully benefit from their Microsoft security investments. Together, we're equipping businesses worldwide to prioritize growth and innovation without compromising on security."
Integration and benefits
According to Huntress, the partnership seeks to make it easier for organisations of all sizes to turn on advanced security features. The integrations allow Microsoft customers to deploy Huntress' suite of tools through their Microsoft platforms, aiming to provide greater threat visibility, incident response capabilities, and cyber awareness for their employees.
The collaboration between Huntress and Microsoft is also intended to help businesses optimise their security spending. By using existing Microsoft licenses in combination with Huntress' managed security suite, organisations are expected to reduce the need for multiple standalone solutions, potentially offering cost efficiencies.
Background and recognition
Huntress focuses its efforts on supporting organisations that typically lack enterprise-scale resources to counteract cyber threats. Their Security Operations Center provides around-the-clock monitoring and support for businesses, with an emphasis on remediation and a low rate of false positives.
The company states its mission is to break down barriers to enterprise-level security and enable both outsourced IT contractors and internal IT staff to better prepare for and deal with cyber threats.
Huntress has also been recognised with Microsoft Verified Small & Medium Business solution status through the Microsoft Intelligent Security Association, which reflects Microsoft's assessment of trusted security products for its partner ecosystem.
The integration of Huntress solutions into Microsoft security environments will be available to all organisations using Microsoft 365 Business Premium, E3, and E5 licensing, as well as Microsoft Defender security products. The companies indicate that ongoing support and updates will be provided as the threat landscape evolves.
Related Articles


Techday NZ
2 days ago
August Patch Tuesday: Microsoft addressing 111 vulnerabilities
Microsoft is addressing 111 vulnerabilities this August 2025 Patch Tuesday, a volume which is around the recent average. In a neat parallel with last month, Microsoft is aware of public disclosure for a single one of the vulnerabilities published today, and claims no evidence of in-the-wild exploitation. Once again, the lone Patch Tuesday zero-day vulnerability is assessed as only moderate severity at time of publication, which brings Microsoft's lucky streak up to 11 months. Today's release includes the publication of nine critical remote code execution (RCE) vulnerabilities, although Microsoft has only marked one of these as more likely to see exploitation. Eight browser vulnerabilities have already been published separately this month, and are not included in the total. What do attackers want in a Windows context? Domain admin! When do they want it? Now! Today's lone zero-day vulnerability might be just what they need to break through the final layers of protection and swipe the crown jewels. CVE-2025-53779 is an elevation of privilege (EoP) vulnerability in the Windows implementation of Kerberos, which is enabled via abuse of dMSA configuration. The advisory FAQ provides more clues as to the nature of the attack than many comparable Microsoft advisories, but misses a golden opportunity for clarity, since it never sets out what it means by dMSA, leaving us scouring for contextual clues. Ultimately, we can determine from context that today's hot topic is the Delegated Managed Service Account, rather than the Defender Microservices Architecture or some other piece of Microsoft paraphernalia with matching initials. Microsoft's motivation is unimpeachable: the dMSA supports automated rotation of credentials for service accounts, and is specifically designed to prevent credential harvesting using Kerberoasting. Indeed, CISA has described Kerberoasting as one of the most time-efficient ways to elevate privileges and move laterally throughout an organisation's network. 
The good news here is that successful exploitation of CVE-2025-53779 requires an attacker to have pre-existing control of two attributes of the hopefully well protected dMSA: msds-groupMSAMembership, which determines which users may use credentials for the managed service account, and msds-ManagedAccountPrecededByLink, which contains a list of users on whose behalf the dMSA can act. However, abuse of CVE-2025-53779 is certainly plausible as the final link of a multi-exploit chain which stretches from no access to total pwnage. Finally, it's important to note that Microsoft is only publishing patches for Windows Server 2025, and that's because msds-ManagedAccountPrecededByLink was first implemented in Server 2025. Migrating to newer operating systems sooner rather than later remains good advice, but so is remediation of zero-day vulnerabilities which could give an attacker total control of your estate. The publication of any pre-authentication RCE in Windows will naturally spark discussion. Of course, not all pre-auth RCEs are created equal, and while CVE-2025-50165 has a hefty CVSSv3 base score of 9.8, and is certainly a cause for concern, it is not the worst of the worst, since it presumably isn't wormable. Despite that, a degree of alarm is amply justified, since the advisory FAQ mentions - twice! - that user interaction isn't required. Exploitation is via a malicious JPEG file, which could be delivered within an Office document or other means; perhaps even visiting a website would be sufficient, or receiving an email within Outlook, although the advisory doesn't explicitly confirm or deny these other possible attack routes. The malformed JPEG tricks the Windows Graphics Component into code execution via an untrusted pointer dereference. The context of execution isn't specified, so in the standard spirit of caution, we'll assume SYSTEM. 
This is hardly a new class of problem: we can cast our minds back a dozen years, for instance, and consider the broadly similar MS13-096. However, the specific flaw underlying CVE-2025-50165 is presumably a recent introduction, since only Windows 11 24H2 and Server 2025 receive patches. Patch this one sooner rather than later, since it could provide a skilled attacker with a valuable foothold from which to launch further attacks, including perhaps even today's CVE-2025-53779. The Windows GDI+ (Graphics Device Interface Plus) is at the centre of how almost all two-dimensional graphics are rendered on Windows assets. CVE-2025-53766 is a critical RCE in how GDI+ interprets metafiles, which are often used to store vector graphics. An attacker can achieve code execution via buffer overflow without privileges or user interaction. As with today's CVE-2025-50165, it's unlikely that this vulnerability could be wormable, but the most alarming path to exploitation involved simply uploading a malicious metafile to a Windows machine running unspecified web services. There is no mention of SharePoint, Exchange, Office, or other non-Windows products in the Security Updates section of the advisory, but that still leaves an essentially limitless potential attack surface; for example, anyone running a custom application offering file uploads could find themselves vulnerable to an attacker wielding a dodgy WMF file. On the bright side, the Preview Pane is not a vector in this case. A patch is available for Server 2008, but not Server 2012, a curious and possibly concerning pattern that we see from time to time with RCEs which affect the full historic range of Windows products. Today is certainly a good day for fans of critical RCE vulnerabilities which target weaknesses in how Windows interprets graphics. Exploitation of CVE-2025-50176, a flaw in the DirectX graphics kernel, could lead to execution in a kernel context. 
Microsoft considers exploitation more likely, which may be why the advisory doesn't provide a great deal of information about the means of exploitation, beyond a terse statement that type confusion is involved. Type confusion is where the kernel receives a pointer which it expects to be for one type of object, but is in fact for another, which is a bit like asking someone to read out loud from a restaurant menu, but then handing them their secret diary and hoping they won't notice the difference. Most people will not be fooled, but under the right circumstances, anything is possible. There are no significant changes to Microsoft product lifecycles this month. However, October will bring a flurry of changes, including the categorical end of support for non-LTSC versions of Windows 10.
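The CVE-2025-53779 precondition described above (control of the two dMSA attributes) suggests a detection: flag directory writes to those attributes by accounts that do not normally manage service accounts. The sketch below is an added example, not code from the article or from Microsoft. It assumes directory-change auditing is enabled so that Event ID 5136 is logged, and that events arrive as JSON lines; the sample events, the JSON layout and the allowlist are constructed for illustration.

```python
import json

# Attributes the article names as preconditions for CVE-2025-53779.
# Stored lowercase because LDAP display names compare case-insensitively.
WATCHED_ATTRIBUTES = {
    "msds-groupmsamembership",
    "msds-managedaccountprecededbylink",
}

# Operation type codes carried in Event ID 5136 (directory object modified).
OPERATIONS = {"%%14674": "value added", "%%14675": "value deleted"}

# Hypothetical allowlist of accounts expected to manage dMSA objects.
EXPECTED_WRITERS = {"svc-provision"}

# Constructed sample events. The flattened JSON-lines layout is an assumption
# about how a log forwarder exports them; it is not a Windows-native format.
SAMPLE_EVENTS = """\
{"EventID": 5136, "SubjectUserName": "svc-provision", "ObjectDN": "CN=web-dmsa,CN=Managed Service Accounts,DC=example,DC=test", "AttributeLDAPDisplayName": "msDS-ManagedAccountPrecededByLink", "OperationType": "%%14674"}
{"EventID": 5136, "SubjectUserName": "helpdesk1", "ObjectDN": "CN=Alice,OU=Staff,DC=example,DC=test", "AttributeLDAPDisplayName": "telephoneNumber", "OperationType": "%%14674"}
{"EventID": 4624, "SubjectUserName": "-", "TargetUserName": "alice"}
{"EventID": 5136, "SubjectUserName": "jdoe", "ObjectDN": "CN=web-dmsa,CN=Managed Service Accounts,DC=example,DC=test", "AttributeLDAPDisplayName": "msDS-GroupMSAMembership", "OperationType": "%%14674"}
not-json garbage line
"""


def find_dmsa_attribute_writes(lines, expected_writers=EXPECTED_WRITERS):
    """Return one finding per 5136 event that touches a watched attribute."""
    allowed = {w.lower() for w in expected_writers}
    findings = []
    for line in lines.splitlines():
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip truncated or non-JSON lines instead of aborting
        if not isinstance(event, dict) or str(event.get("EventID")) != "5136":
            continue
        attribute = str(event.get("AttributeLDAPDisplayName", ""))
        if attribute.lower() not in WATCHED_ATTRIBUTES:
            continue
        writer = str(event.get("SubjectUserName", ""))
        findings.append({
            "writer": writer,
            "object": event.get("ObjectDN", ""),
            "attribute": attribute,
            "operation": OPERATIONS.get(event.get("OperationType"), "unknown"),
            "unexpected": writer.lower() not in allowed,
        })
    return findings


if __name__ == "__main__":
    for finding in find_dmsa_attribute_writes(SAMPLE_EVENTS):
        print(finding)
```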


Techday NZ
6 days ago
Quantum computing exposes Active Directory to urgent new risks
Organisations using Microsoft Active Directory as their primary identity management system face a significant cybersecurity risk as the advent of quantum computing begins to challenge established cryptographic protections, according to Certes. Certes has released a technical analysis outlining how the introduction of post-quantum cryptography (PQC), designed to resist powerful quantum computing attacks, reveals vulnerabilities in legacy systems such as Active Directory. The report indicates organisations could be exposed to attacks if underlying identity infrastructure does not evolve alongside cryptographic standards. The analysis warns that most businesses still rely on authentication systems originally built for classical computing environments. These systems employ protocols and structures including Kerberos authentication, domain trusts, and key distribution mechanisms, all of which may be unsuitable as the threat landscape evolves with quantum technology.
Expert warning
"This isn't a hypothetical risk anymore," said Simon Pamplin, CTO at Certes. "The cryptographic standards being pushed out today are being fast-tracked to combat real and present quantum risks. But the problem is that most organisations still depend on Active Directory; a system never designed to survive this level of cryptographic upheaval."
Quantum computers are predicted to eventually possess the capacity to break the cryptographic algorithms that underpin many of today's security solutions. In anticipation, new PQC algorithms are being developed and deployed. While these are expected to provide a more secure foundation for future digital infrastructure, Certes warns that existing directory services such as Active Directory were not created with quantum resilience in mind. Certes' technical team notes that, despite advances in other areas of cybersecurity, the core identity and access management systems within many enterprises remain based on decades-old technology.
This dependence could create opportunities for attackers to exploit the gap between new cryptographic protections and legacy identity protocols. The firm contends that even organisations investing in modern security features such as multi-factor authentication or cloud-based platforms may remain at risk if their identity backbone is not upgraded to keep pace with cryptographic developments.
"What's most alarming is the false sense of security," added Simon. "Many CISOs are focused on perimeter security modernisation, MFA here, a cloud migration there, but underneath, the enterprise's digital identity is still built on sand."
Industry recommendations
Certes is calling on senior decision-makers, including Chief Information Security Officers (CISOs) and IT strategists, to closely review and update their security models. The company advises organisations to assess the specific vulnerabilities associated with integrating PQC into Active Directory environments, map out all current cryptographic dependencies ahead of any PQC-related implementation, and re-evaluate their digital identity strategies to look beyond legacy directory services. The organisation is actively providing guidance to clients in sectors such as finance, healthcare, defence, and government. Certes states that solutions exist today to support data protection in the face of quantum threats, and that its current focus is helping customers establish robust, future-proof strategies to secure critical assets before new attack methods become widespread. The analysis concludes that the intersection of post-quantum algorithms and enterprise authentication, particularly where Active Directory is concerned, poses an urgent and complex challenge for organisations dependent on traditional security architectures.


Techday NZ
7 days ago
Lindsay Zwart steps in to lead APAC for Pax8 amid leadership shift
Lindsay Zwart has been appointed as Executive Vice President and General Manager for APAC at Pax8. Zwart, who previously held senior positions with Vodafone, Microsoft, and IBM, assumes responsibility for all aspects of Pax8's business strategy and operations in the Asia-Pacific region. She reports directly to Nick Heddy, President and Chief Commerce Officer at Pax8. Her appointment comes as the company seeks to scale its cloud commerce operations and broaden market reach within APAC. Zwart brings nearly twenty years of experience in technology sector leadership roles, including digital transformation and enterprise solutions, both in APAC and internationally.
Leadership transition
The new appointment coincides with a shift in roles for Chris Sharp, who transitions from his previous focus on local business to a newly created position as Senior Vice President of Business Development on a global scale. Sharp will now report to Craig Donovan, Chief Experience Officer at Pax8. In his new role, Sharp will be responsible for identifying and leading strategic opportunities, such as partnerships, new market entries, and other initiatives designed to support organisational growth. Sharp's previous efforts have centred on the launch and expansion of Pax8 in Australia and New Zealand, helping to drive momentum in the region over the last four years. The company states that this realignment leverages Sharp's expertise in strategic planning and operational leadership, extending his impact across Pax8's worldwide business strategy.
Nick Heddy commented on the company's focus and leadership changes. "Lindsay's appointment signals our unwavering commitment to the Asia-Pacific market and our confidence in the region's tremendous potential. This announcement also marks a strategic realignment as Pax8 prepares for its next growth phase in the APAC region in which Lindsay will work closely alongside global leaders, including Chris Sharp and Ryan Walsh.
Her proven leadership, strategic vision, and operational excellence will be instrumental in unlocking new opportunities and accelerating our growth trajectory. I am confident that under her leadership, our APAC operations will reach unprecedented levels of success."
Zwart's experience
Prior to joining Pax8, Lindsay Zwart held the position of Chief Enterprise Officer at Vodafone New Zealand. There, she led digital transformation initiatives by guiding local enterprises in adopting 5G, IoT, and cloud technologies. Previously, Zwart worked at Microsoft, where her roles included US Chief Operating Officer and General Manager of the Cloud and Enterprise business, General Manager for Azure in the US, and overseeing Dynamics, SMB, and Partner Channel Operations. She also held leadership roles at IBM. Commenting on her new role, Zwart stated, "Pax8 is a proven force in the industry with its innovative Marketplace driving change and laying the foundation for MSP success. I look forward to bringing my experience in tech and with this region to Pax8 to continue the exciting growth trajectory the company has been on since we launched here in 2022. The region is perfectly positioned for success in the MSP space with strong leadership, enablement, and resources provided via the Pax8 Marketplace. It's an exciting time to join the company to continue to make a positive impact on the partner community!" Zwart's remit includes working with the existing APAC team to identify growth opportunities and strengthen partner engagement across the region. She will also coordinate closely with the company's global leadership team, including Chris Sharp and Ryan Walsh.
Business development outlook
Sharp's new global business development role is intended to focus on creating new partnerships and expanding Pax8's geographical presence.
His appointment builds on his four-year tenure leading local momentum and will see him apply his experience to advancing organisational strategy on an international scale. Pax8 operates a cloud commerce Marketplace that serves managed service providers throughout the region and beyond, supporting business growth and product adoption across its ecosystem.