Join Transform 2021 this July 12-16. Register for the AI event of the year.

Endpoint security startup Huntress today announced it has closed a $40 million series B funding round led by JMI, with additional investment from ForgePoint Capital and Gula Tech Adventures. The company says the funds, which bring Huntress’ total raised to nearly $60 million, will be used to grow its platform, as well as its software development team.

According to a recent study published by the University of Maryland, hackers attack every 39 seconds, and they’re often successful. The average time to identify a breach in 2019 was 206 days, at which point the cost could be in excess of $3.92 million. Some 20% of organizations get hit with cyberattacks six or more times a year, and 80% say they’ve experienced at least one incident in the last year so severe it required a board-level meeting, IronNet reports.

Against this backdrop, the global endpoint security market is anticipated to reach $15 billion by 2026, Statista reports. A 2021 Forrester study found that 76% of enterprises have increased their use of endpoint devices since the beginning of the pandemic to support their remote, work-from-home, and hybrid workforces. According to the same research, 66% of enterprises believe securing their infrastructure requires a more focused, proactive approach to endpoint resilience that doesn’t leave endpoint security to chance.

Former U.S. Air National Guard cyber warfare operator Kyle Hanslovan, National Security Administration cyber veteran Chris Bisnett, and security engineer John Ferrell cofounded Huntress in 2015. Hanslovan previously started the defense consulting firm StrategicIO and participates in Black Hat and Def Con. Bisnett cofounded LegalConfirm, a startup that transferred confirmation letters between attorneys, paralegals, and auditors. As for Ferrell, he spent over 15 years in a consultant role with the U.S. Department of Defense and the U.S. Department of Justice.

“We help IT resellers protect their customers from persistent footholds, ransomware, and other attacks — and with a laser focus on a specific set of attack surfaces, vulnerabilities, and exploits,” a spokesperson told VentureBeat. “Most recently, our team was notified about undisclosed Microsoft Exchange vulnerabilities successfully exploiting on-prem servers. The Huntress team was able to confirm this activity, with one of the first detections around March 1. From our research, we’ve checked over 3,000 Exchange servers and saw roughly 800 remain unpatched, identifying over 300 of our partners’ servers that have received webshell payloads. Events like this aren’t anomalies and they aren’t behind us.”

Huntress’ platform

Endpoint detection and response (EDR) technology is used to protect endpoints — i.e., computers, mobile devices, and other hardware — from attacks. It goes beyond traditional antivirus in the sense that EDR technology gathers and analyzes data from each device and then applies mitigations to handle threats and issues. This kind of technology typically combines real-time continuous monitoring and data collection with rules-based response and analysis.

Huntress’ software-as-a-service platform collects and analyzes metadata about apps scheduled to execute when a computer boots up or a user logs in. An agent inventories the apps and sends data back to an analysis engine, which taps algorithms to discover outliers in the dataset, taking into account file reputation, frequency analysis, and other factors. When an anomaly is detected, Huntress delivers remediation recommendations to ticketing systems to alert affected members of the organization.

Huntress recently introduced a service aimed at helping manage Microsoft Defender, Microsoft’s built-in Windows 10 antivirus software. The company also introduced new ransomware detection and external reconnaissance services and acquired intellectual property from Level Effect, maker of an endpoint detection and response solution designed to spot threats through deep network traffic analysis.


Above: Huntress’ security platform

Image Credit: Huntress

According to Hanslovan, Huntress, which he claims can be deployed to as many as hundreds of endpoints in less than 10 minutes using existing remote monitoring management software, has discovered tens of thousands of data breaches to date.

“The security industry is full of broken promises, and that’s often devastating to businesses and livelihoods,” Hanslovan told VentureBeat via email. “We’re thrilled to have partners who not only believe in Huntress’ mission but are working alongside one another to provide effective security to the 99% — the small and medium-sized businesses who make up the backbone of the U.S. economy.”

Competition is fierce in the growing cybersecurity segment. There’s IntSightsTrapX SecurityCybelAngel, and Deep Instinct, all of which take an algorithmic approach to threat detection. That’s not to mention San Francisco-based ZecOps, which recently nabbed $10.2 million for its tech that automates analysis and response to cyberattacks, and Trinity Cyber, whose threat-combating suite combines detection with “adversary inference.” There’s also Lacework, which protects cloud environments from data breaches.

But buoyed by the pandemic, Huntress has managed to retain a foothold. The company is headquartered in Ellicott City, Maryland and has 89 employees. It now counts 1,500 managed service providers and over 25,000 businesses among its customer base. And annual recurring revenue surpassed $10 million earlier this year.

“Security has only become more complicated — and more important — against the backdrop of COVID-19, as a result of the sharp pivot so many businesses have made to work remotely and across distributed teams,” the spokesperson said. “Looking ahead, we’ll continue to focus our efforts on the attack surfaces that hackers target most frequently — and successfully — in SMB environments. We’re planning to enable our partners to more effectively manage preventive solutions like antivirus and firewalls while moving beyond endpoint detection to increase visibility into network traffic and cloud-based email threats.”


VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative technology and transact. Our site delivers essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to become a member of our community, to access:

  • up-to-date information on the subjects of interest to you
  • our newsletters
  • gated thought-leader content and discounted access to our prized events, such as Transform 2021: Learn More
  • networking features, and more

Become a member


By admin