←back to thread

An attacker’s blunder gave us a look into their operations

(www.huntress.com)
154 points mellosouls | 1 comments | 09 Sep 25 15:42 UTC | HN request time: 0.279s | source
Show context
isatsam ◴[09 Sep 25 16:17 UTC] No.45184197[source]
I don't work in cybersecurity and, after looking at the site's homepage, couldn't exactly figure out from all the buzzwords what exactly is this product. The most concerning takeaway from this article for me is that the maintainers of Huntress (whatever it is) can keep a log of, as well as personally access, the users' browser history, history of launched executables, device's hostname, and presumably a lot of other information. How is this product not a total security nightmare?
replies(12): >>45184282 #>>45184376 #>>45184533 #>>45184902 #>>45185067 #>>45185111 #>>45185367 #>>45185677 #>>45185868 #>>45185950 #>>45186020 #>>45190165 #
1. jonstewart ◴[09 Sep 25 17:10 UTC] No.45185067[source]
Their customers are companies. Almost every company, of at least a certain size, has one or more security tools installed on every host in the organization; there are called Endpoint Detection & Response (EDR) tools. Some marquee products are SentinelOne and CrowdStrike Falcon, but there are dozens. Huntress makes their own security tool but operates it for their customers as a service, which is called Managed Detection & Response (MDR). Everything on this page is legit.