Huntress has officially made its Managed Identity Security Posture Management (ISPM) service generally available as of June 30, 2026, marking a significant expansion of its Agentic Security Platform aimed at continuously hardening Microsoft 365 identity posture for managed service providers (MSPs) and the small to midsized businesses (SMBs) they protect.
The cybersecurity landscape has shifted dramatically in recent years, with identity emerging as the new perimeter. Microsoft 365, used by millions of organizations globally, remains a prime target for threat actors seeking to exploit misconfigurations, weak authentication methods, and excessive privileges. Huntress’s latest move addresses this head-on by delivering a fully managed service that not only assesses identity risk but actively works to reduce it over time.
The Identity Security Crisis for SMBs
Small and midsized businesses often lack the resources or expertise to continuously monitor and improve their Microsoft 365 security posture. While large enterprises can afford dedicated identity and access management teams, SMBs typically rely on overburdened IT generalists or external partners. This gap has made them easy prey for ransomware gangs and business email compromise (BEC) attacks that start with compromised credentials.
Conditional access policies, multi-factor authentication (MFA) enforcement, role-based access controls—these security fundamentals are well-documented yet frequently misconfigured or overlooked in hurried deployments. Even when initially set correctly, configurations drift over time as employees change roles, third-party integrations multiply, and licensing changes. Without ongoing management, the security posture inevitably degrades.
Huntress, long known for its human-led threat hunting and endpoint detection and response tailored to the SMB market, is now extending that philosophy to identity. Managed ISPM is not just another dashboard; it is a service where Huntress security experts combine automated tooling with human oversight to harden Microsoft 365 tenants continuously.
Inside Managed ISPM: Continuous Hardening, Not Just Assessment
The term “identity posture management” has gained traction as a counterpart to cloud security posture management (CSPM). Traditional tools scan configurations against best practices and produce alerts, leaving the hard work of prioritization and remediation to the user. Huntress Managed ISPM flips that model by taking on the remediation burden.
At the heart of the service is an agentic AI engine—part of the broader Agentic Security Platform—that constantly evaluates identity configurations across an MSP’s client base. It does not merely flag issues; it suggests and, in many cases, applies fixes automatically under the supervision of Huntress’s security operations center (SOC).
Key areas of focus include:
- Conditional access policy enforcement: Ensuring that policies requiring MFA, compliant devices, or approved locations are consistently applied and not bypassed.
- Privileged role auditing: Identifying accounts with excessive permissions and bringing them in line with the principle of least privilege.
- Authentication strength: Monitoring for legacy protocol usage, weak MFA methods, and service accounts that could be exploited.
- Third-party application risk: Reviewing OAuth consent grants and enterprise applications to detect overly permissive integrations.
- License awareness: Adjusting security recommendations based on the Microsoft 365 license tier in use, balancing protection against practical constraints.
Because the service is fully managed, MSP partners do not need to become identity experts overnight. Huntress handles the continuous monitoring, alert investigation, and ongoing adjustments, freeing up MSP technicians to focus on higher-value work.
The Agentic Security Platform: A Unified Approach
Managed ISPM is the latest module within Huntress’s Agentic Security Platform, which already includes managed EDR, managed Microsoft 365 protection, and security awareness training. The “agentic” name reflects the platform’s growing ability to autonomously take actions traditionally reserved for human analysts—guided by AI trained on Huntress’s massive trove of threat data.
This integration matters because identity threats rarely happen in isolation. A suspicious sign-in from an unusual location might correlate with a new persistence mechanism detected on a managed endpoint. By unifying signals across identity and endpoint, the platform can connect the dots faster and reduce mean time to response.
For MSPs, the unified dashboard simplifies operations. They can see all client tenants in one place, track posture scores over time, and demonstrate tangible security improvements to their customers—a key component in building trust and justifying security investments.
What This Means for Microsoft 365 Users
For businesses running on Microsoft 365, the immediate benefit is a constantly improving security baseline without the need for in-house expertise. The service doesn’t just produce a one-time assessment; it evolves as Microsoft adds new security features and as threats change. For example, if Microsoft introduces a new phishing-resistant authentication method, Managed ISPM would identify which client tenants can adopt it and guide the implementation.
Huntress’s entry into the identity posture management space also signals a maturation of the MSP security market. As more vendors offer managed services that extend beyond simple monitoring, MSPs gain leverage to compete with larger managed security service providers (MSSPs) on a more even playing field.
Competitive Landscape and Differentiation
Huntress is not the first to tackle identity security for Microsoft 365. Established players like Microsoft’s own Defender for Identity and third-party solutions from CrowdStrike, Sophos, and others provide identity protection modules. However, Huntress differentiates with its exclusive focus on the MSP/SMB channel, its human-powered operations center, and its philosophy of not just alerting but acting.
Many identity security tools remain burdensome for resource-strapped MSPs because they generate vast amounts of noise. Managed ISPM promises a curated, service-centric experience—the “managed” part is not a marketing term but the actual operational model. This is in line with Huntress’s roots: the company started by offering managed threat hunting for endpoints that competitors only monitored, and it is now applying the same playbook to identity.
Pricing and Availability
At launch on June 30, 2026, Managed ISPM is available as an add-on license within the existing Huntress platform. Pricing is structured to align with the per-user, per-month model common in the MSP channel, though specific figures have not been publicly disclosed. Existing Huntress partners can activate the service directly from their dashboard, while new partners can sign up for a trial that includes a posture evaluation of their own tenant.
The general availability release follows a successful beta program that onboarded hundreds of MSPs managing thousands of tenants. During the beta, Huntress reportedly identified and remediated tens of thousands of identity misconfigurations, preventing countless potential breaches.
Early Partner Reception
Early feedback from MSP partners highlights the peace of mind that comes with having identity hygiene managed by a trusted vendor. One beta participant noted that within the first week, the service discovered several overlooked legacy service accounts with global admin privileges—a scenario ripe for abuse. Another praised the SOC’s handling of a risky OAuth consent grant that could have allowed a third party to read emails without detection.
These real-world wins underscore the value proposition: SMBs do not need more alerts; they need problems solved. Huntress is betting that the managed identity posture model will resonate as strongly as its managed EDR did, which now secures over three million endpoints.
Looking Ahead: The Expanding Managed Security Frontier
The launch of Managed ISPM continues Huntress’s evolution from a point solution into a comprehensive security platform. With identity now in the fold, expect future additions around SaaS security posture management for other widely used applications like Google Workspace, Salesforce, or Zoom.
For Windows-centric environments—the heart of the Huntress customer base—the combination of managed endpoint and identity security creates a formidable barrier against modern threats. As attackers increasingly exploit identity gaps to bypass traditional defenses, services that proactively shrink the attack surface will become indispensable.
The general availability of Managed ISPM represents more than a product milestone; it is a statement about the future of security for the underserved SMB market. By continuously hardening Microsoft 365 identity posture, Huntress is not just responding to today’s threats but preparing its partners for the attacks of tomorrow.