[{"_1":2,"_1900":-5,"_1901":-5},"loaderData",{"_3":4,"_7":8},"root",{"_5":6},"preprod",false,"routes/blog/index",{"_9":10,"_157":255,"_273":274,"_335":336,"_337":338,"_1207":1208,"_1209":51,"_1210":1211,"_1212":1213},"page",{"_11":12,"_13":14,"_15":16,"_17":18,"_19":19,"_20":21,"_34":35,"_45":46,"_47":48,"_49":12,"_50":51,"_52":53,"_54":55,"_56":57,"_58":59,"_60":61,"_172":252,"_253":254},"createdDate",1737878647415,"id","65f3299e49a461b4b9c7296a","name","Blog","modelId","3fa669f9656b425bbe84446dd9c5a7cd","published","meta",{"_22":23,"_24":6,"_25":9,"_26":27},"lastPreviewUrl","https://prod.huntress.com/blog?builder.space=3eb6f92aedf74f109c7b4b0897ec39a8&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditCode%2CeditDesigns%2Cadmin%2CeditLayouts%2CeditLayers%2CeditContentPriority&builder.user.role.name=Admin&builder.user.role.id=admin&builder.cachebust=true&builder.preview=page&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.page=65f3299e49a461b4b9c7296a&builder.overrides.65f3299e49a461b4b9c7296a=65f3299e49a461b4b9c7296a&builder.overrides.page:/blog=65f3299e49a461b4b9c7296a&builder.options.includeRefs=true&builder.options.enrich=true&builder.options.locale=Default","hasLinks","kind","breakpoints",{"_28":29,"_30":31,"_32":33},"xsmall",479,"small",767,"medium",991,"query",[36],{"_37":38,"_39":40,"_41":42,"_43":44},"@type","@builder.io/core:Query","property","urlPath","operator","is","value","/blog","variations",{},"lastUpdated",1747062560084,"firstPublished","testRatio",1,"screenshot","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fb7f93b4988dd4be9b2f279c5db6b8eda","createdBy","Kz459QsZDzNpORbTSiA9L6WRQc23","lastUpdatedBy","XBN8lOXr7QMH6JvQimte3OCtO6c2","folders",[],"data",{"_62":63,"_64":65,"_66":67,"_68":63,"_69":70,"_71":63,"_72":73,"_77":44,"_74":63,"_78":79,"_80":81,"_82":83,"_84":85,"_100":101,"_243":244},"title","","openGraphImage","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F28e05784f2584d25824e4b27c802f97a","openGraphDescription","Cybersecurity is dynamic and ever-changing. Stay up-to-date with the latest information about cyber threats, vulnerabilities, and news on the Huntress blog.","metaDescription","slug","blog","titleTag","metadata",{"_74":67,"_64":75,"_62":76},"description","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F78060584ce444ba5a726170f7951a8ec","Huntress Blog","url","sitemapIndexing",true,"openGraphTitle","Huntress Blog | Huntress","contentTagCategories","DEPRECATED","contentTags",{"_86":87,"_88":89,"_90":91,"_92":93,"_94":95,"_96":97,"_98":99},"funnelStageTags",[],"regionTags",[],"aiGeneratedContentTags",[],"audienceTags",[],"industryTags",[],"productTags",[],"repurposedContentTags",[],"blocks",[102,188,197,220],{"_37":103,"_104":105,"_13":106,"_107":108,"_174":175},"@builder.io/sdk:Element","@version",2,"builder-4304305f148848f68b3ca6d6c71746ce","component",{"_15":109,"_110":111},"BlogFeatureBannerSection","options",{"_112":113,"_120":76,"_121":122,"_123":79,"_124":125},"breadcrumbs",[114,119],{"_115":116,"_117":118},"levelText","Home","levelLinkUrl","/",{"_115":16},"heading","summary","

Welcome to the Huntress Cybersecurity Blog, your go-to spot for staying ahead of\n hackers and boosting your cybersecurity savviness. Our\n blog contributors have focused on\n making cybersecurity education engaging and accessible for everyone.

","showFeaturedBlog","featuredBlog",{"_37":126,"_13":127,"_128":129,"_43":130},"@builder.io/core:Reference","67a67e43a1912da0aa6bde9c","model","blog-posts",{"_34":131,"_58":132,"_11":133,"_13":127,"_15":134,"_17":135,"_19":19,"_20":136,"_60":138,"_45":170,"_47":171,"_49":133,"_50":51,"_54":55,"_56":55,"_172":173},[],[],1742717076617,"Huntress 2025 Cyber Threat Report: Proliferating RATs, Evolving Ransomware, and Other Findings","beafe50240af45639f2b59e6aefd89f9",{"_26":137,"_22":63,"_25":60},{"_28":29,"_30":31,"_32":33},{"_139":-5,"_15":134,"_140":141,"_142":79,"_72":143,"_148":149,"_155":156,"_157":158,"_164":165,"_69":166,"_167":168,"_121":169},"lastUpdatedDate","canonicalUrl","https://www.huntress.com/blog/huntress-2025-cyber-threat-report-proliferating-rats-evolving-ransomware-and-other-findings","featured",{"_144":6,"_62":145,"_146":6,"_74":147},"noFollow","2025 Cybersecurity Threat Report: Proliferating RATs, Evolving Ransomware, and Other Findings | Huntress","noIndex","Huntress’ 2025 Cyber Threat Report is here! Explore the year's biggest threats—RATs, phishing, ransomware—and how evolving tactics demand smarter defense.","authors",[150],{"_151":152},"author",{"_37":126,"_13":153,"_128":154},"66048598851912ddf28adf1a","people","publishDate","2025-02-11T00:00:00.000Z","categories",[159],{"_160":161},"category",{"_37":126,"_13":162,"_128":163},"65f3299e49a461b4b9c72e4d","blog-categories","thumbnail","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Ffc25dbb530b84cb79bc232519d83b123?format=webp","huntress-2025-cyber-threat-report-proliferating-rats-evolving-ransomware-and-other-findings","content","

At Huntress, we like to wreck hackers. But to take them down, we first have to understand how they operate. That’s why we created the 2025 Cyber Threat Report—an in-depth exploration of the nasty tactics, trends, and techniques reshaping cybersecurity today.

Here, we highlight key findings from the past year, offering a snapshot of the malicious strategies our analysts uncovered. Whether you’re an IT professional, cybersecurity practitioner, or business owner, these insights can provide actionable guidance to help you stay one step ahead of ever-evolving cyber threats.

Top takeaways from the 2025 Cyber Threat Report

Throughout 2024, Huntress' threat analysts looked at data from thousands of organizations and millions of endpoints, revealing the key trends that show how adaptable and relentless today’s malicious hackers are.

Remote access trojans (RATs) are more popular: Over 75% of remote access incidents utilized RATs such as AsyncRAT and Jupyter. These tools are becoming more sophisticated, making multilayered defenses like endpoint detection and response (EDR) essential.
Remote monitoring and management (RMM) tools are being exploited. Attackers are weaponizing legitimate software like TeamViewer and LogMeIn to facilitate lateral movement and maintain long-term access to systems. For environments that use RMM tools, we highly suggest increasing vigilance, enhancing access controls, and closely monitoring your tools.
Ransomware strategies are evolving: Attacks are shifting from traditional encryption to data theft and extortion. Groups like RansomHub and Akira now incentivize stolen data with big rewards, making these tactics quite lucrative. The future may see ransomware operators leaning even more into extortion (or double extortion) strategies—a trend driven by the efficacy of EDR solutions and mounting pressure from government takedown efforts.
“Living off the land” techniques are on the rise: Threat actors are doubling down on using legitimate tools like Sysinternals Suite and LOLBins to evade detection. Organizations must remove unnecessary software and enforce strict execution policies to mitigate this threat.
Phishing tactics are becoming more advanced: From QR code phishing to brand impersonation, threat actors are deploying clever methods to outsmart traditional email security. Improving security awareness training and implementing layered defenses are more essential than ever to counter these sophisticated techniques.

How these trends took shape in 2024

The findings from our 2025 Cyber Threat Report are grounded in real-world data with a comprehensive view of how malicious hackers operate today. Our threat analysts observed patterns across industries like healthcare, education, government, and manufacturing, and these growing trends stood out:

Infostealers are gaining momentum: Nearly 24% of incidents involved infostealers designed to extract sensitive credentials, financial data, and other private information.
Malicious scripts are surging: Scripts made up 22% of detected attacks, using PowerShell, VBScript, and JavaScript to perform stealthy, efficient attacks.
Ransomware is fragmenting: Despite takedowns of large groups like Hive and LockBit, smaller, flexible affiliates have risen to fill the gap. Unfortunately, this led to more unpredictable, widespread attacks.

\"Industries — Industries targeted by percentage

Why these findings matter

The 2024 cybersecurity landscape exposes a simple yet alarming truth: threat actors aren’t slowing down. Because hackers' tactics and tools are evolving, you must take a proactive approach that prioritizes awareness, preparation, and consistent upgrades to defense strategies.

Understanding the tactics outlined in this report is the first essential step. By educating your teams, using multiple layers of security, and staying informed about emerging risks, you and your organization will be ready to take on any challenges that come your way.

\"Huntress — *Huntress 2025 Cyber Threat Report*

Get more from the report and stay one step ahead

The insights from our 2025 Cyber Threat Report spotlight the critical need to stay ahead of malicious hackers. With tools like RMM software and phishing techniques becoming more advanced, protecting data, systems, and users is an ongoing battle—but one you can win.

While there’s no one-size-fits-all solution, embracing layered defenses, removing unnecessary vulnerabilities, and training your team to spot threats are actionable steps everyone should take right now.

Download the entire 2025 Cyber Threat Report to gain a deeper understanding of these trends and learn more strategies for keeping your organization safe.

","

",{},1744303952880,"rev","3er88erazq6","responsiveStyles",{"_176":177},"large",{"_178":179,"_180":181,"_182":183,"_184":185,"_186":187},"display","flex","flexDirection","column","position","relative","flexShrink","0","boxSizing","border-box",{"_37":103,"_104":105,"_13":189,"_107":190,"_174":195},"builder-4c139472c097464e87c1ec73f00f7381",{"_15":191,"_110":192},"BlogListSection",{"_193":194},"pageSize",15,{"_176":196},{"_178":179,"_180":181,"_182":183,"_184":185,"_186":187},{"_37":103,"_104":105,"_13":198,"_107":199,"_174":218},"builder-09dcd692cdf94623b83c105f1fac9802",{"_15":200,"_110":201},"BlogSignupSection",{"_120":202,"_121":203,"_204":205,"_206":207},"Sign Up for Huntress Updates","Get insider access to Huntress tradecraft, killer events, and the freshest blog updates.","image","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fcb5efa5143804ba59d530a903d29fe5f","blogSignupForm",{"_208":209,"_210":6,"_211":212,"_213":214,"_215":6,"_216":6,"_217":6},"formId","wf-form-Blog-Signup-Form","showFormTitle","submitButtonText","Submit","hubspotFormId","5198e52f-a296-4d78-935d-fe864d69a67a","showBlueGreenGradient","showBluePurpleGradient","useNeverBounce",{"_176":219},{"_178":179,"_180":181,"_182":183,"_184":185,"_186":187},{"_13":221,"_37":103,"_222":223,"_224":225,"_174":235},"builder-pixel-gwmh6zg9mbs","tagName","img","properties",{"_226":227,"_228":229,"_230":63,"_231":232,"_233":185,"_234":185},"src","https://cdn.builder.io/api/v1/pixel?apiKey=3eb6f92aedf74f109c7b4b0897ec39a8","aria-hidden","true","alt","role","presentation","width","height",{"_176":236},{"_234":185,"_233":185,"_178":237,"_238":185,"_239":240,"_241":242},"block","opacity","overflow","hidden","pointerEvents","none","state",{"_245":176,"_246":247},"deviceSize","location",{"_248":44,"_249":250,"_34":251},"pathname","path",[70],{},"ela0cwp1hbg","template","huntress",[256,259,261,264,267,270],{"_13":257,"_15":258},"65f3299e49a461b4b9c72e33","Business Growth",{"_13":162,"_15":260},"Cybersecurity Education",{"_13":262,"_15":263},"65f3299e49a461b4b9c72e34","Cybersecurity Trends",{"_13":265,"_15":266},"65f3299e49a461b4b9c72e8a","Huntress News",{"_13":268,"_15":269},"65f3299e49a461b4b9c72e32","Response to Incidents",{"_13":271,"_15":272},"65f3299e49a461b4b9c72e31","Threat Analysis","featuredBlogPost",{"_13":275,"_15":276,"_60":277},"65f3299e49a461b4b9c7292a","Navigating the SMB Threat Landscape: Key Insights from Huntress’ SMB Threat Report",{"_69":278,"_164":279,"_157":280,"_155":307,"_139":-5,"_148":308,"_142":79},"navigating-the-smb-threat-landscape-key-insights-from-huntress-smb-threat-report","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F25d75ed735a34023a4e0b3e874210f25",[281,295],{"_160":282},{"_37":126,"_13":162,"_128":163,"_43":283},{"_13":162,"_15":260,"_19":19,"_11":284,"_17":285,"_60":286,"_172":294},1739997399371,"b7b51689bde4424484bccde4b9ee6d6b",{"_15":260,"_69":287,"_72":288,"_291":289,"_68":290,"_140":292,"_74":293},"cybersecurity-education",{"_62":289,"_74":290},"Cybersecurity Education Blog Posts | Huntress","Read more about Cybersecurity Education in these Huntress blog posts. ","metaTitle","https://www.huntress.com/blog-categories/cybersecurity-education","

Cybersecurity education should be accessible and actionable, not jargony. Welcome to your hub for mastering the fundamentals and beyond. Get education and advice from our experts to deepen your knowledge and stay ahead of cyber threats—made for all levels.

","mfntd1ky2n",{"_160":296},{"_37":126,"_13":262,"_128":163,"_43":297},{"_13":262,"_15":263,"_19":19,"_11":298,"_17":285,"_60":299,"_172":306},1739997399701,{"_15":263,"_69":300,"_72":301,"_291":302,"_68":303,"_140":304,"_74":305},"cybersecurity-trends",{"_62":302,"_74":303},"Cybersecurity Trends Blog Posts | Huntress","Read more about Cybersecurity Trends in these Huntress blog posts. ","https://www.huntress.com/blog-categories/cybersecurity-trends","

Stay a step ahead with insights into the latest developments shaping the cybersecurity landscape. From emerging threats to breakthrough technologies, we analyze how these trends impact your security strategy so you can adapt your defenses accordingly.

","ck9tutchvyj","November 21, 2023",[309],{"_151":310},{"_37":126,"_13":153,"_128":154,"_43":311},{"_13":153,"_15":312,"_19":19,"_11":313,"_17":314,"_60":315,"_172":334},"Team Huntress",1742719371598,"d50b5ec346a64579b280b4104dca236e",{"_15":312,"_69":316,"_72":317,"_320":321,"_322":-5,"_323":324,"_325":326},"team-huntress",{"_62":318,"_74":319,"_146":6,"_144":6},"Team Huntress | Huntress","Read blog posts written by the amazing Huntress team on the Huntress Blog.","profileImage","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F94d27b5ca67c40d698b6b9f3f52bc4dc","profileImageAltText","bioDetail","

These resources have been written by some of the fantastic experts on our team. And if they’re at Huntress they’re probably ethical badasses who enjoy working every day to protect small and medium-sized businesses.

Our authors often come from backgrounds in gaming, tech innovation, IT, military intelligence, and a mix of unrelated but awesome careers like teaching, baking, music, law, and graphic design, just to name a few.

We’re a diverse team of pros who love hunting down threats, identifying trends, and writing about what we’re seeing so that everyone can benefit.

Meet more Huntress authors here.

‍

","groups",[327,331],{"_328":329},"group",{"_37":126,"_13":330,"_128":325},"00d1d80145b14a6b87c45567b169a8f4",{"_328":332},{"_37":126,"_13":333,"_128":325},"babc0d8823f34ab894a4431d5b302dc7","i9wikv0dy4","builderApiKey","3eb6f92aedf74f109c7b4b0897ec39a8","blogPosts",[339,523,615,672,717,759,846,926,951,976,1001,1072,1109,1139,1164],{"_13":340,"_15":341,"_60":342},"7c372c9753f44b7a858f43874ef1d7cb","Exploitation of Windows Server Update Services Remote Code Execution Vulnerability (CVE-2025-59287) ",{"_69":343,"_164":344,"_157":345,"_155":358,"_148":359,"_139":-5,"_521":522},"exploitation-of-windows-server-update-services-remote-code-execution-vulnerability","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F86b7b3417b154f40bf10bbb4d5ac05d6",[346],{"_160":347},{"_37":126,"_13":268,"_128":163,"_43":348},{"_13":268,"_15":269,"_19":19,"_11":349,"_17":285,"_60":350,"_172":357},1739997400367,{"_15":269,"_69":351,"_72":352,"_291":353,"_68":354,"_140":355,"_74":356},"response-to-incidents",{"_62":353,"_74":354},"Incident Responses Blog Posts | Huntress","Read more about Incident Responses in these Huntress blog posts. ","https://www.huntress.com/blog-categories/response-to-incidents","

Be the first to know about CVEs and threat advisories that we're seeing on the front lines. We'll break down how these threats or attacks work, do in-depth analysis, and provide mitigation guidance.

","v2cu0x2oojd","October 24, 2025",[360,394,425,456,487],{"_151":361},{"_37":126,"_13":362,"_128":154,"_43":363},"66048bf3351a788121c616ae",{"_34":364,"_58":365,"_11":366,"_13":362,"_15":367,"_17":314,"_19":19,"_20":368,"_60":370,"_45":390,"_47":391,"_49":366,"_50":51,"_54":392,"_56":392,"_172":393},[],[],1742719368644,"Chad Hudson",{"_26":369,"_25":60,"_22":63},{"_28":29,"_30":31,"_32":33},{"_371":372,"_15":367,"_322":-5,"_320":373,"_323":374,"_375":376,"_72":377,"_380":381,"_382":383,"_69":384,"_325":385},"jobTitle","Senior Hunt & Response Analyst","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F833407826677436f8a7753fbb9f0b3ea","

Turning childhood curiosity into cybersecurity expertise.

Chad Hudson's journey into the world of computers began at a young age, inspired by his father's passion for technology. \"I had always been around computers while growing up,\" Chad recalls. \"My dad was an avid hobbyist into computers and tech. Eventually, it rubbed off onto me and I started copying him as a child and got involved with computers.\"

At Huntress, Chad specializes in the Security Operations Center (SOC) and Hunt & Response. His role involves staying vigilant against cyber threats and responding swiftly to security incidents targeting small and medium-sized businesses. \"Working at Huntress gives me all the warm and fuzzies, knowing we're out here being the cyber 'superheroes' for the SMBs,\" he says. \"It's satisfying waking up each day knowing we're the ones stopping threat actors attempting to punish hardworking companies for a quick buck.\"

What's your favorite cybersecurity tip, Chad?

\"Think before you click. Working in a SOC and contributing to the hunts, a main method I see users falling for is social engineering attacks such as phishing. It's better to take your time when reviewing your emails, going to web pages, and downloading content. In the long run, a few extra seconds of caution can save a world of trouble!\"

Go ahead and give Chad a follow on X: @0xBurgers

‍

","linkedInUrl","https://www.linkedin.com/in/chadhudsoncybersec/",{"_62":378,"_144":79,"_146":79,"_74":379},"Chad Hudson | Huntress","Read blog posts from Chad Hudson on the Huntress Blog.","companyName","Huntress","xTwitterUrl","https://x.com/0xBurgers","chad-hudson",[386,388],{"_328":387},{"_37":126,"_13":330,"_128":325},{"_328":389},{"_37":126,"_13":333,"_128":325},{},1743718476064,"wAnY6pD8qneav3wmIkWFzKSZXNM2","5xca6m3g94",{"_151":395},{"_37":126,"_13":396,"_128":154,"_43":397},"3c9334d8481345a0ab0a6c9e1ce37f67",{"_11":398,"_13":396,"_15":399,"_17":314,"_19":19,"_20":400,"_34":402,"_60":403,"_45":419,"_47":420,"_49":421,"_50":51,"_54":422,"_56":422,"_58":423,"_172":424},1759242730979,"James Maclachlan",{"_26":401,"_22":63,"_25":60},{"_28":29,"_30":31,"_32":33},[],{"_380":381,"_69":404,"_371":372,"_72":405,"_15":399,"_408":409,"_410":411,"_325":412,"_415":416,"_320":417,"_323":418},"james-maclachlan",{"_74":406,"_62":407},"Read blog posts from James Maclachlan on the Huntress Blog. ","James Maclachlan | Huntress","lastName","Maclachlan","firstName","James ",[413],{"_328":414},{"_37":126,"_13":330,"_128":325},"jsonLd",{},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F81a6bcfd3e324813a5b4a12c38b6d9d7","

James Maclachlan is a dedicated cybersecurity professional with a knack for uncovering threats and responding to incidents. His passion for cybersecurity was sparked at a young age after a malware infection while downloading Minecraft mods, and it grew into a career during his time at the University of Warwick, where he earned an MSc in Cybersecurity Engineering. James also holds certifications like eCTHPv2 and eCMAP, showcasing his expertise in threat hunting and malware analysis.

Before joining Huntress, James honed his skills in Security Operations at Mandiant and Google. At Huntress, he thrives on the mission of protecting businesses of all sizes from cyber threats, hunting APTs, and uncovering zero-days.

Outside of work, James enjoys web development, drumming, and playing ice hockey. He’s a strong advocate for password managers, unique passwords, and 2FA.

Explore his insights on his blog: blog.jaalma.io.

",{},1759842998849,1759242914864,"ksrtPDlNQGhJESnopKjn4sdUP2x1",[],"0p0wp2yglb89",{"_151":426},{"_37":126,"_13":427,"_128":154,"_43":428},"6619a8c7f5f67fea22937980",{"_11":429,"_13":427,"_15":430,"_17":314,"_19":19,"_20":431,"_34":433,"_60":434,"_45":451,"_47":452,"_49":429,"_50":51,"_54":392,"_56":453,"_58":454,"_172":455},1742719349377,"Jai Minton",{"_26":432,"_25":60,"_22":63},{"_28":29,"_30":31,"_32":33},[],{"_380":381,"_322":-5,"_371":435,"_375":436,"_69":437,"_72":438,"_382":441,"_15":430,"_323":442,"_325":443,"_320":448,"_449":450},"Manager, Hunt & Response - AUS","https://www.linkedin.com/in/jaiminton/","jai-minton",{"_144":6,"_74":439,"_146":6,"_62":440},"Read blog posts from Jai Minton, Principal Security Operations Analyst on the Huntress Blog.","Jai Minton - Principal Security Operations Analyst | Huntress","https://x.com/CyberRaiju/","

Jai Minton’s journey into cybersecurity is as unique as it is inspiring.

Jai's initial foray into cybersecurity began in high school when he \"borrowed\" internet from a neighbor, uncovering vulnerabilities in wireless networks. This curiosity led him to pursue information security in university, despite initial reluctance. A pivotal moment during his final year placement involved identifying and addressing security issues within an organization. This achievement quickly led to the creation of a new role specifically for Jai, marking the beginning of his professional career in the cybersecurity industry.

Describing himself as a \"Jack of all Trades, Master of None,\" Jai has built a versatile skill set that spans Threat Hunting, Security Operations, Malware Analysis, Detection Engineering, Digital Forensics, and Incident Response. While his focus has been primarily on defensive security operations, threat intelligence, and threat hunting, Jai's early career included penetration testing and vulnerability assessments.

“Huntress allows me to have a flexible remote working environment, whilst still being able to use my mind to solve any hurdles encountered. This is all with the knowledge that everything is directly contributing to the ongoing security of small to medium-sized businesses which need protection the most.”

Jai’s academic credentials are impressive: a Bachelor of Information Technology, a Diploma of Government, and certifications such as OSCP, and GIAC iOS and MacOS Examiner (GIME). He has also served as an Academic Advisor for Security Blue Team’s ‘Blue Team Level 2’ (BTL2) certification, with his research being cited in renowned industry courses like SANS FOR500 (Windows Forensic Analysis).

Jai has been recognized with several prestigious awards, including:

2023: SANS Holiday Hack Challenge - Best Overall Answer Grand Prize Winner
2022: SANS Holiday Hack Challenge - Best Technical Answer Prize Winner
2021: SANS Holiday Hack Challenge - Most Creative Prize Winner
SANS Counter Hack Challenges: Core Netwars Continuous 2 - Top 1% Globally
SANS Counter Hack Challenges: DFIR Netwars Continuous 2 - Top 3% Globally

Before joining Huntress, Jai worked for CrowdStrike, further honing his expertise in the cybersecurity field.

What’s your favorite cybersecurity tip, Jai?

First, use a password manager, don't save your passwords in your browser or reuse them. Secondly, block advertisements—malicious ads are a common source of downloading software from fake websites that cause initial infections on a system.”

Outside of his professional life, Jai enjoys research, gaming, and spending time with his loved ones.

You can learn more about Jai on his website jaiminton.com or follow him on Twitter/X and YouTube @CyberRaiju.

",[444,446],{"_328":445},{"_37":126,"_13":330,"_128":325},{"_328":447},{"_37":126,"_13":333,"_128":325},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fd158bbe5530045be8a6c7f1a4de7ed45","portraitImage","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F9538827d6c1b49ffb4e8f1e39e63fab3",{},1752677471534,"0XU3rreLLCPzgsmuIQDqjlW9xhs2",[],"lrordwr3xm",{"_151":457},{"_37":126,"_13":458,"_128":154,"_43":459},"66048bf51de5bd420f2f2608",{"_11":460,"_13":458,"_15":461,"_17":314,"_19":19,"_20":462,"_34":464,"_60":465,"_45":483,"_47":484,"_49":460,"_50":51,"_54":453,"_56":453,"_58":485,"_172":486},1742719359732,"John Hammond",{"_26":463,"_25":60,"_22":63},{"_28":29,"_30":31,"_32":33},[],{"_320":466,"_371":467,"_323":468,"_69":469,"_15":461,"_375":470,"_325":471,"_476":477,"_380":381,"_382":478,"_72":479,"_322":-5,"_449":482},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F0ebcc8e098b842e3b6c5d44ae153b485","Principal Security Researcher","

Capturing flags, thwarting threats, and making cybersecurity accessible one endpoint at a time.

John Hammond, a Principal Security Researcher at Huntress, discovered his passion for cybersecurity as an undergraduate at the US Coast Guard Academy, where competing in a “Cyberstakes” capture the flag event opened his eyes to vulnerabilities, exploits, and hacker tradecraft. At Huntress, he focuses on endpoint security, digging into living-off-the-land techniques and obfuscated scripting payloads.

With a stack of certifications—including LFCS, PCAP, CompTIA Security+, CEH, eJPT, eCPPT, OSCP, OSCE (classic and 3), OSWP, OSEP, OSED, and OSWE—John brings serious technical prowess to the team. He’s honored to have received the RITA Award at Wild West Hacking Fest from Black Hills Information Security, and he credits the supportive, mission-driven environment at Huntress for enabling him to do meaningful work.

John is also an active voice in the community, sharing his experience through these Huntress on-demand webinars:

Before joining Huntress, John served as an instructor and curriculum developer with the Department of Defense Cyber Crime Center and Cyber Training Academy, and later as a Red Team Cyber Operator at the Defense Threat Reduction Agency.

His top cybersecurity tip is a simple one: “Use a password manager—seriously!!”

Outside of work, John loves spending time with his family and taking the rest he needs to stay sharp. He also shares his life with two dogs, Bam Bam and Pebbles—named after the beloved Flintstones characters, of course.

Give John a follow on his socials:

‍

","john-hammond","https://www.linkedin.com/in/johnhammond010/",[472,474],{"_328":473},{"_37":126,"_13":330,"_128":325},{"_328":475},{"_37":126,"_13":333,"_128":325},"instagramUrl","https://www.instagram.com/_johnhammond/","https://twitter.com/_johnhammond",{"_144":6,"_74":480,"_62":481,"_146":6},"Read blog posts from John Hammond on the Huntress Blog.","John Hammond - Principal Security Researcher | Huntress","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F7743d3ad18734d4697f9e4aa467e670b",{},1752677471317,[],"yfrowogqae",{"_151":488},{"_37":126,"_13":489,"_128":154,"_43":490},"7fb779bf8ddf42fda6c8463ccdf60a68",{"_11":491,"_13":489,"_15":492,"_17":314,"_19":19,"_20":493,"_34":495,"_60":496,"_45":515,"_47":516,"_49":517,"_50":51,"_54":518,"_56":57,"_58":519,"_172":520},1744385801818,"Lindsey O'Donnell-Welch",{"_25":60,"_22":63,"_26":494},{"_28":29,"_30":31,"_32":33},[],{"_375":497,"_320":498,"_323":499,"_408":500,"_501":502,"_72":503,"_410":505,"_371":506,"_322":507,"_69":508,"_380":381,"_325":509,"_15":492},"https://www.linkedin.com/in/lindsey-o-donnell-welch-abb72b4a/","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F037877a541484d86ac239373c502608a","

With more than a decade of experience translating complex security topics into compelling stories, Lindsey brings a sharp editorial eye and a passion for clarity to the Huntress team. Her mission? Breaking down the intricate world of cybersecurity to make it accessible for everyone. It’s one of the many reasons she loves being part of Huntress, where educating the public about threats takes center stage.

Before joining Huntress, Lindsey built her reputation in journalism, covering the intersection of technology and businesses. She’s reported for top cybersecurity publications like Threatpost and Decipher, delivering trusted coverage on everything from the SolarWinds supply chain breach to the SEC’s cybersecurity disclosure rules.

Lindsey’s go-to security advice? “Enable MFA and use a password manager—your future self will thank you.”

When she’s not writing about cyber threats, you’ll likely find her on the tennis court or exploring new trails with her endlessly energetic pup.

","O'Donnell-Welch","altText","Huntress Default Headshot Image",{"_62":492,"_74":504},"Read blog posts from Lindsey O'Donnell-Welch on the Huntress Blog.","Lindsey ","Staff Technical Community Engagement Writer","Lindsey O'Donnell-Welch Huntress ","lindsey-odonnell-welch",[510,512],{"_328":511},{"_37":126,"_13":330,"_128":325},{"_328":513},{"_37":126,"_13":514,"_128":325},"797c68793452421a98fcd85d40aa6d84",{},1754428413667,1744404673182,"0dThli925XPdcsMI4MRs7L7KCv22",[],"652o8mfzi9c","sortDate",["D",1761278400000],{"_13":524,"_15":525,"_60":526},"8914925e4b244229a16208cce96b2838","Looking Through a Pinhole at a Qilin Ransomware Attack",{"_69":527,"_164":528,"_157":529,"_155":542,"_148":543,"_139":-5,"_521":614},"looking-at-qilin-ransomware-attack","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F642541cb00fe4e90a07832fed51581a9",[530],{"_160":531},{"_37":126,"_13":271,"_128":163,"_43":532},{"_13":271,"_15":272,"_19":19,"_11":533,"_17":285,"_60":534,"_172":541},1739997400726,{"_15":272,"_69":535,"_72":536,"_291":537,"_68":538,"_140":539,"_74":540},"threat-analysis",{"_62":537,"_74":538},"Threat Analysis Blog Posts | Huntress","Read our Threat Analyses in these Huntress blog posts. ","https://www.huntress.com/blog-categories/threat-analysis","

Dive in and nerd out with us on current and emerging cybersecurity threats. We cover attack vectors, threat actors, and new vulnerabilities, providing insights to help you understand and counteract these risks.

","qqdmknh10w","October 22, 2025",[544,559,586],{"_151":545},{"_37":126,"_13":489,"_128":154,"_43":546},{"_11":491,"_13":489,"_15":492,"_17":314,"_19":19,"_20":547,"_34":549,"_60":550,"_45":557,"_47":516,"_49":517,"_50":51,"_54":518,"_56":57,"_58":558,"_172":520},{"_25":60,"_22":63,"_26":548},{"_28":29,"_30":31,"_32":33},[],{"_375":497,"_320":498,"_323":499,"_408":500,"_501":502,"_72":551,"_410":505,"_371":506,"_322":507,"_69":508,"_380":381,"_325":552,"_15":492},{"_62":492,"_74":504},[553,555],{"_328":554},{"_37":126,"_13":330,"_128":325},{"_328":556},{"_37":126,"_13":514,"_128":325},{},[],{"_151":560},{"_37":126,"_13":561,"_128":154,"_43":562},"e53a6e3ef1ec4c63bd424e409f0d0969",{"_11":563,"_13":561,"_15":564,"_17":314,"_19":19,"_20":565,"_34":567,"_60":568,"_45":581,"_47":582,"_49":583,"_50":51,"_54":422,"_56":422,"_58":584,"_172":585},1760633372721,"Ben Folland ",{"_26":566,"_25":60,"_22":63},{"_28":29,"_30":31,"_32":33},[],{"_415":569,"_371":570,"_380":381,"_15":564,"_69":571,"_72":572,"_410":575,"_408":576,"_322":577,"_325":578},{},"Security Operations Analyst","ben-folland",{"_62":573,"_74":574},"Ben Folland | Huntress ","Read blog posts from Ben Folland on the Huntress Blog. ","Ben","Folland","Ben Folland Huntress ",[579],{"_328":580},{"_37":126,"_13":330,"_128":325},{},1760633465193,1760633465178,[],"b6ikvvzp7s",{"_151":587},{"_37":126,"_13":588,"_128":154,"_43":589},"66032c1a34a761fda5e296f5",{"_11":590,"_13":588,"_15":591,"_17":314,"_19":19,"_20":592,"_34":594,"_60":595,"_45":610,"_47":611,"_49":590,"_50":51,"_54":392,"_56":453,"_58":612,"_172":613},1742719371916,"Harlan Carvey",{"_25":60,"_22":63,"_26":593},{"_28":29,"_30":31,"_32":33},[],{"_72":596,"_322":-5,"_325":599,"_323":604,"_375":605,"_380":381,"_15":591,"_320":606,"_371":607,"_69":608,"_449":609},{"_146":6,"_74":597,"_144":6,"_62":598},"Read blog posts from Harlan Carvey, Senior Threat Intelligence Analyst on the Huntress Blog.","Harlan Carvey - Senior Threat Intelligence Analyst | Huntress",[600,602],{"_328":601},{"_37":126,"_13":330,"_128":325},{"_328":603},{"_37":126,"_13":333,"_128":325},"

Hanging out where digital forensics meets incident response and threat intel.

“I was in grad school in 1994, and came across something interesting. The \"finger\" app was described as a 'security vulnerability'. I had no idea why this was the case, so I asked the senior sysadmin for the curriculum. She looked at me, smiled, and walked away without saying a word.” So began Harlan’s affinity for digging into head-scratching security questions.

Harlan is Staff Threat Intel Analyst, Adversary Tactics here at Huntress, poised at the intersection of digital forensics and incident response, threat hunting, and threat intel.

He leverages his extensive 20+ years of DFIR (Digital Forensics and Incident Response) experience to focus on threat intelligence, which is essentially unraveling how threat actors are looking to gain entry on endpoints and finding ways to detect it sooner in the attack cycle. Prior to Huntress, Harlan ran the internal SOC at EY. \t

But he doesn’t keep it all to himself, Harlan is an accomplished public speaker, writer, innovative researcher, and analyst. As a published author (besides the below blog posts!), Harlan has published 9 books, including the first book of its kind offering an analysis of the Windows Registry.

When he’s not at work, Harlan enjoys programming in Perl, reading, writing, and working around the farm.

‍

What's your favorite cybersecurity tip, Harlan?
“Do the basics well, beginning with an asset inventory and attack surface reduction.”

‍

","https://www.linkedin.com/in/harlan-carvey-86a8694b/","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Ffa69b31eae1e4264b7c12bcfa5e0f9a5","Staff Threat Intelligence Analyst","harlan-carvey","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F110b52ecaef146ec9ea537d88a5ab596",{},1752677471801,[],"znexfq0pnt",["D",1761109200000],{"_13":616,"_15":617,"_60":618},"e16dadca6cd84a83b73ab14d9ba47031","I Wish I Was a Little Bit Taller: Dealing with Imperfection in Intrusions ",{"_69":619,"_164":620,"_157":621,"_155":627,"_148":628,"_139":-5,"_521":671},"imperfect-telemetry-techniques-effective-incident-response","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F4f5bb63967d7485d8f4d0b3691aa065d",[622],{"_160":623},{"_37":126,"_13":162,"_128":163,"_43":624},{"_13":162,"_15":260,"_19":19,"_11":284,"_17":285,"_60":625,"_172":294},{"_15":260,"_69":287,"_72":626,"_291":289,"_68":290,"_140":292,"_74":293},{"_62":289,"_74":290},"October 21, 2025",[629],{"_151":630},{"_37":126,"_13":631,"_128":154,"_43":632},"66fc0862faf913278b305e9b",{"_11":633,"_13":631,"_15":634,"_17":314,"_19":19,"_20":635,"_34":637,"_60":638,"_45":666,"_47":667,"_49":633,"_50":51,"_54":55,"_56":668,"_58":669,"_172":670},1742719343202,"Anton Ovrutsky",{"_22":63,"_25":60,"_26":636},{"_28":29,"_30":31,"_32":33},[],{"_382":639,"_69":640,"_323":641,"_375":642,"_643":644,"_371":650,"_380":381,"_322":-5,"_325":651,"_15":634,"_72":658,"_661":662,"_320":663,"_410":664,"_408":665},"https://x.com/@Antonlovesdnb","anton-ovrutsky","

From guarding doors to guarding data.

Anton Ovrutsky transitioned into cybersecurity from a Service Desk role, initially gaining experience through governance, risk, and compliance work. At Huntress, he serves as a Principal Threat Hunting and Response Analyst, with an emphasis on tactical response. \"I specialize in looking at the incidents that the SOC escalates that require more in-depth review,\" Anton explains. To put it another way, his expertise ensures that complex security incidents are thoroughly investigated and addressed.

Anton holds several prestigious certifications, including CISSP, OSCP, OSCE, CCSP, and KCNA. Prior to joining Huntress, he gained valuable experience in the SIEM vendor SaaS space.

He holds several prestigious certifications—CISSP, OSCP, OSCE, CCSP, and KCNA. Before joining Huntress, Anton worked in the SIEM vendor SaaS space, where he honed his skills in security information and event management.

What's your favorite cybersecurity tip, Anton?

\"When possible, do not assume something works a certain way unless you've tried it yourself.\"

Outside of work, Anton enjoys watching his favorite shows on his favorite couch, spending time with his wife and cats, and weightlifting. Before embarking on his cybersecurity career, he earned a master's degree in European History and even worked as a night club bouncer. Now, that’s a well-rounded resume.

Follow Anton on X: @Antonlovesdnb

","https://www.linkedin.com/in/antonovrutsky/","specialties",[645,648],{"_646":647},"specialty","initial access",{"_646":649},"lateral movement","Principal Threat Hunting and Response Analyst",[652,654,656],{"_328":653},{"_37":126,"_13":330,"_128":325},{"_328":655},{"_37":126,"_13":333,"_128":325},{"_328":657},{"_37":126,"_13":514,"_128":325},{"_74":659,"_144":6,"_62":660,"_146":6},"Read blog posts from Anton Ovrutsky on the Huntress Blog.","Anton Ovrutsky | Huntress","bioDetailShort","Anton Ovrutsky transitioned into cybersecurity from a Service Desk role, initially gaining experience through governance, risk, and compliance work.","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Ff941baab28f74a829eb9f8619d0e4a0f","Anton","Ovrutsky",{},1754419091628,"jUlbsxh3TzMKTX6guQoqpyiR6NT2",[],"i7mp97pkldd",["D",1761022800000],{"_13":673,"_15":674,"_60":675},"9969bb7ba36a4a2ba84dcb9c6cd16dbd","Dispelling Ransomware Deployment Myths",{"_69":676,"_164":677,"_157":678,"_155":684,"_148":685,"_139":-5,"_521":716},"dispelling-ransomware-deployment-myths","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F1a0b787ebf684620a602320f6e66cd17",[679],{"_160":680},{"_37":126,"_13":162,"_128":163,"_43":681},{"_13":162,"_15":260,"_19":19,"_11":284,"_17":285,"_60":682,"_172":294},{"_15":260,"_69":287,"_72":683,"_291":289,"_68":290,"_140":292,"_74":293},{"_62":289,"_74":290},"October 16, 2025",[686,701],{"_151":687},{"_37":126,"_13":588,"_128":154,"_43":688},{"_11":590,"_13":588,"_15":591,"_17":314,"_19":19,"_20":689,"_34":691,"_60":692,"_45":699,"_47":611,"_49":590,"_50":51,"_54":392,"_56":453,"_58":700,"_172":613},{"_25":60,"_22":63,"_26":690},{"_28":29,"_30":31,"_32":33},[],{"_72":693,"_322":-5,"_325":694,"_323":604,"_375":605,"_380":381,"_15":591,"_320":606,"_371":607,"_69":608,"_449":609},{"_146":6,"_74":597,"_144":6,"_62":598},[695,697],{"_328":696},{"_37":126,"_13":330,"_128":325},{"_328":698},{"_37":126,"_13":333,"_128":325},{},[],{"_151":702},{"_37":126,"_13":489,"_128":154,"_43":703},{"_11":491,"_13":489,"_15":492,"_17":314,"_19":19,"_20":704,"_34":706,"_60":707,"_45":714,"_47":516,"_49":517,"_50":51,"_54":518,"_56":57,"_58":715,"_172":520},{"_25":60,"_22":63,"_26":705},{"_28":29,"_30":31,"_32":33},[],{"_375":497,"_320":498,"_323":499,"_408":500,"_501":502,"_72":708,"_410":505,"_371":506,"_322":507,"_69":508,"_380":381,"_325":709,"_15":492},{"_62":492,"_74":504},[710,712],{"_328":711},{"_37":126,"_13":330,"_128":325},{"_328":713},{"_37":126,"_13":514,"_128":325},{},[],["D",1760590800000],{"_13":718,"_15":719,"_60":720},"2ff8d52334b44313aef6a467849f818d","CMMC Final Rule: What DoD Subs Need to Know",{"_69":721,"_164":722,"_157":723,"_155":729,"_148":730,"_139":-5,"_521":758},"cmmc-final-rule-guide-for-dod-subcontractors","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F228215002174478d9d63c89ac4edbd41",[724],{"_160":725},{"_37":126,"_13":162,"_128":163,"_43":726},{"_13":162,"_15":260,"_19":19,"_11":284,"_17":285,"_60":727,"_172":294},{"_15":260,"_69":287,"_72":728,"_291":289,"_68":290,"_140":292,"_74":293},{"_62":289,"_74":290},"October 15, 2025",[731],{"_151":732},{"_37":126,"_13":733,"_128":154,"_43":734},"66048bf38d279e9104a87754",{"_34":735,"_58":736,"_11":737,"_13":733,"_15":738,"_17":314,"_19":19,"_20":739,"_60":741,"_45":755,"_47":756,"_49":737,"_50":51,"_54":392,"_56":392,"_172":757},[],[],1742719367309,"Chris Henderson",{"_26":740,"_25":60,"_22":63},{"_28":29,"_30":31,"_32":33},{"_375":742,"_69":743,"_380":381,"_320":744,"_322":-5,"_371":745,"_72":746,"_325":749,"_15":738,"_323":754},"https://www.linkedin.com/in/chenderson-cissp/","chris-henderson","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F949468cfcdfb4874b0e4fe51534cec14","Chief Information Security Officer",{"_144":6,"_146":6,"_62":747,"_74":748},"Chris Henderson | Huntress","Read blog posts from Chris Henderson on the Huntress Blog.",[750,752],{"_328":751},{"_37":126,"_13":330,"_128":325},{"_328":753},{"_37":126,"_13":333,"_128":325},"

‍An information security leader dedicated to safeguarding small businesses and enabling communities.

Chris Henderson oversees internal security at Huntress, ensuring the company stays ahead of emerging cyber threats. He also leads the threat intelligence group Adversary Tactics and the Product Security Researchers team, translating threat intelligence into product capabilities and features.

His journey into cybersecurity began unexpectedly. \"(It started with) the initial Diablo game. I was frustrated by being so terrible at it, but I learned how to manipulate the local save files to give myself a boost. It completely changed the way I thought about computers and applications,\" Chris recalls.

Chris holds degrees in both Psychology and Computer Science and is a Certified Information Systems Security Professional (CISSP). Before transitioning into IT and security, he worked as a social worker. \"While it may seem like a big leap, a lot of the interpersonal skills from social work made security change management significantly easier to navigate,\" he notes.

Prior to joining Huntress, Chris spent his entire technical career in the Managed Service Provider (MSP) space, notably at Datto. His expertise includes building scalable, agile, and engaged teams driven by data, specializing in compliance, business continuity, security operations, supply chain risk, and sales enablement.

What's your favorite cybersecurity tip, Chris?

\"Always assume malicious intent. The current state of the world has made it easier than ever to launch a very convincing social engineering attack. Due to this, you should assume every inbound form of communication is malicious until you know for certain otherwise.\"

Outside of work, Chris enjoys photography, board games, and electric skateboarding. He’s also a named inventor on the patent \"Systems and methods for detecting ransomware infection\", which seems relevant.

Check out his LinkedIn page to learn more.

‍

",{},1743718417973,"iaxnf3g2pt",["D",1760504400000],{"_13":760,"_15":761,"_60":762},"e5ef750bc64a40fc9d5f8ee503dd70be","Active Exploitation of Gladinet CentreStack and Triofox Local File Inclusion Flaw (CVE-2025-11371)",{"_69":763,"_164":764,"_157":765,"_155":771,"_139":729,"_148":772,"_521":845},"gladinet-centrestack-triofox-local-file-inclusion-flaw","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fed6898a26597492b96f930c32f27a7a1",[766],{"_160":767},{"_37":126,"_13":268,"_128":163,"_43":768},{"_13":268,"_15":269,"_19":19,"_11":349,"_17":285,"_60":769,"_172":357},{"_15":269,"_69":351,"_72":770,"_291":353,"_68":354,"_140":355,"_74":356},{"_62":353,"_74":354},"October 9, 2025",[773,801,815,830],{"_151":774},{"_37":126,"_13":775,"_128":154,"_43":776},"d329c0b9db1d4b799b35e935a7c85e20",{"_11":777,"_13":775,"_15":778,"_17":314,"_19":19,"_20":779,"_34":781,"_60":782,"_45":796,"_47":797,"_49":798,"_50":51,"_54":422,"_56":422,"_58":799,"_172":800},1759242340419,"Bryan Masters",{"_26":780,"_22":63,"_25":60},{"_28":29,"_30":31,"_32":33},[],{"_15":778,"_415":783,"_320":784,"_371":372,"_408":785,"_72":786,"_325":789,"_380":381,"_410":792,"_69":793,"_375":794,"_323":795},{},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fe0a07b0656be4db08894dd61a5058950","Masters",{"_62":787,"_74":788},"Bryan Masters | Huntress","Read blog posts from Bryan Masters on the Huntress Blog. ",[790],{"_328":791},{"_37":126,"_13":330,"_128":325},"Bryan","bryan-masters","https://www.linkedin.com/in/bryan-masters-9a99b11a2/","

Bryan Masters is a seasoned cybersecurity professional with over 18 years of experience, including 13 years as a Cyber Security Specialist in the Australian Army. His journey into cybersecurity began during his military service, when he transitioned from Network Engineer to Cyber Security Specialist. This was a pivotal moment that ignited his passion for the field.

As a Senior Hunt & Response Analyst at Huntress, Bryan is tasked with collaborating with the SOC and Detection Engineering teams to identify and neutralize emerging threats. He has previously obtained several industry certifications, including GISO, GCIA, and GEVA, underscoring his technical expertise.

Bryan is driven by Huntress’ mission to make cybersecurity accessible to all, not just large enterprises. Outside of work, he enjoys rock climbing and mountain biking, finding both to be perfect outlets for staying active and unplugging from screens.

",{},1759843185708,1759242485253,[],"isb0p3jxwts",{"_151":802},{"_37":126,"_13":396,"_128":154,"_43":803},{"_11":398,"_13":396,"_15":399,"_17":314,"_19":19,"_20":804,"_34":806,"_60":807,"_45":813,"_47":420,"_49":421,"_50":51,"_54":422,"_56":422,"_58":814,"_172":424},{"_26":805,"_22":63,"_25":60},{"_28":29,"_30":31,"_32":33},[],{"_380":381,"_69":404,"_371":372,"_72":808,"_15":399,"_408":409,"_410":411,"_325":809,"_415":812,"_320":417,"_323":418},{"_74":406,"_62":407},[810],{"_328":811},{"_37":126,"_13":330,"_128":325},{},{},[],{"_151":816},{"_37":126,"_13":427,"_128":154,"_43":817},{"_11":429,"_13":427,"_15":430,"_17":314,"_19":19,"_20":818,"_34":820,"_60":821,"_45":828,"_47":452,"_49":429,"_50":51,"_54":392,"_56":453,"_58":829,"_172":455},{"_26":819,"_25":60,"_22":63},{"_28":29,"_30":31,"_32":33},[],{"_380":381,"_322":-5,"_371":435,"_375":436,"_69":437,"_72":822,"_382":441,"_15":430,"_323":442,"_325":823,"_320":448,"_449":450},{"_144":6,"_74":439,"_146":6,"_62":440},[824,826],{"_328":825},{"_37":126,"_13":330,"_128":325},{"_328":827},{"_37":126,"_13":333,"_128":325},{},[],{"_151":831},{"_37":126,"_13":458,"_128":154,"_43":832},{"_11":460,"_13":458,"_15":461,"_17":314,"_19":19,"_20":833,"_34":835,"_60":836,"_45":843,"_47":484,"_49":460,"_50":51,"_54":453,"_56":453,"_58":844,"_172":486},{"_26":834,"_25":60,"_22":63},{"_28":29,"_30":31,"_32":33},[],{"_320":466,"_371":467,"_323":468,"_69":469,"_15":461,"_375":470,"_325":837,"_476":477,"_380":381,"_382":478,"_72":842,"_322":-5,"_449":482},[838,840],{"_328":839},{"_37":126,"_13":330,"_128":325},{"_328":841},{"_37":126,"_13":333,"_128":325},{"_144":6,"_74":480,"_62":481,"_146":6},{},[],["D",1760500800000],{"_13":847,"_15":848,"_60":849},"29eae8cccba04f8da5341a50847fe52c","The Crown Prince, Nezha: A New Tool Favored by China-Nexus Threat Actors",{"_69":850,"_164":851,"_157":852,"_155":858,"_139":729,"_148":859,"_521":925},"nezha-china-nexus-threat-actor-tool","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F23d4b0b97a6c44119d5cf9c5ff789138",[853],{"_160":854},{"_37":126,"_13":271,"_128":163,"_43":855},{"_13":271,"_15":272,"_19":19,"_11":533,"_17":285,"_60":856,"_172":541},{"_15":272,"_69":535,"_72":857,"_291":537,"_68":538,"_140":539,"_74":540},{"_62":537,"_74":538},"October 8, 2025",[860,875,905],{"_151":861},{"_37":126,"_13":427,"_128":154,"_43":862},{"_11":429,"_13":427,"_15":430,"_17":314,"_19":19,"_20":863,"_34":865,"_60":866,"_45":873,"_47":452,"_49":429,"_50":51,"_54":392,"_56":453,"_58":874,"_172":455},{"_26":864,"_25":60,"_22":63},{"_28":29,"_30":31,"_32":33},[],{"_380":381,"_322":-5,"_371":435,"_375":436,"_69":437,"_72":867,"_382":441,"_15":430,"_323":442,"_325":868,"_320":448,"_449":450},{"_144":6,"_74":439,"_146":6,"_62":440},[869,871],{"_328":870},{"_37":126,"_13":330,"_128":325},{"_328":872},{"_37":126,"_13":333,"_128":325},{},[],{"_151":876},{"_37":126,"_13":877,"_128":154,"_43":878},"d9485461cf724e8aadfd797b2610b87f",{"_11":879,"_13":877,"_15":880,"_17":314,"_19":19,"_20":881,"_34":883,"_60":884,"_45":900,"_47":901,"_49":902,"_50":51,"_54":422,"_56":422,"_58":903,"_172":904},1757511313478,"James Northey",{"_25":60,"_26":882,"_22":63},{"_28":29,"_30":31,"_32":33},[],{"_322":880,"_72":885,"_408":888,"_380":889,"_15":880,"_410":890,"_382":891,"_375":892,"_371":893,"_325":894,"_320":897,"_69":898,"_323":899},{"_74":886,"_62":887},"Read blog posts from James Northey on the Huntress blog. ","James Northey | Huntress ","Northey","Huntress ","James","https://x.com/darkrym11","https://www.linkedin.com/in/j-northey","Security Operations Analyst ",[895],{"_328":896},{"_37":126,"_13":330,"_128":325},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Faad2f45e77d346b883c704cd57a9883b","james-northey","

James is a Security Operations Analyst at Huntress. James brings a passion for problem-solving and a knack for cybersecurity to the team. Before joining Huntress, he worked in cybersecurity for the Royal Australian Navy, where he gained hands-on experience with large-scale monitoring, threat detection, and incident response in high-pressure environments. At Huntress, James focuses on malware analysis and reverse engineering, tackling live threats with curiosity and precision.

He’s currently studying for a Bachelor of Science in Cybersecurity at Edith Cowan University and holds the GIAC Reverse Engineering Malware (GREM) certification. James loves being part of a team that gets the job done, while constantly learning in an ever-changing field.

Outside of work, he enjoys exploring the intersection where cyber meets the physical world—how engineering blends with technology in unique ways. His top cybersecurity tip? “Always approach the internet with a healthy level of skepticism. Never take things at face value, stay curious, question what you see, and always look a little deeper.”

Connect with James on LinkedIn, X, or his blog.

",{},1757596778197,1757511449602,[],"opvz5r5z2l",{"_151":906},{"_37":126,"_13":907,"_128":154,"_43":908},"662a8eb64d55ba142210c843",{"_13":907,"_15":909,"_19":19,"_11":910,"_17":314,"_60":911,"_172":924},"Alden Schmidt",1742719348297,{"_15":909,"_69":912,"_72":913,"_320":916,"_322":-5,"_371":917,"_380":381,"_375":918,"_325":919},"alden-schmidt",{"_62":914,"_74":915,"_146":6,"_144":6},"Alden Schmidt | Huntress","Read blog posts from Alden Schmidt on the Huntress Blog.","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fb864e24300dc465ba8ec3b06d5ee8718","Senior Detection Engineer","https://www.linkedin.com/in/aldenschmidt/",[920,922],{"_328":921},{"_37":126,"_13":330,"_128":325},{"_328":923},{"_37":126,"_13":333,"_128":325},"dsct91ptbmw",["D",1760500800000],{"_13":927,"_15":928,"_60":929},"d3deab5f950f4a0d9689f4d6c368dc04","How to Offend Your IT Team: A Guide for the Security Unaware",{"_69":930,"_164":931,"_157":932,"_155":938,"_148":939,"_139":-5,"_521":950},"guide-for-security-unaware","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F04d5f449fb9146259edc829189ff2605",[933],{"_160":934},{"_37":126,"_13":162,"_128":163,"_43":935},{"_13":162,"_15":260,"_19":19,"_11":284,"_17":285,"_60":936,"_172":294},{"_15":260,"_69":287,"_72":937,"_291":289,"_68":290,"_140":292,"_74":293},{"_62":289,"_74":290},"October 14, 2025",[940],{"_151":941},{"_37":126,"_13":153,"_128":154,"_43":942},{"_13":153,"_15":312,"_19":19,"_11":313,"_17":314,"_60":943,"_172":334},{"_15":312,"_69":316,"_72":944,"_320":321,"_322":-5,"_323":324,"_325":945},{"_62":318,"_74":319,"_146":6,"_144":6},[946,948],{"_328":947},{"_37":126,"_13":330,"_128":325},{"_328":949},{"_37":126,"_13":333,"_128":325},["D",1760418000000],{"_13":952,"_15":953,"_60":954},"f5273b6141054646b14424d200fbf902","Huntress Threat Advisory: Widespread SonicWall SSLVPN Compromise",{"_69":955,"_164":956,"_157":957,"_155":963,"_148":964,"_139":-5,"_521":975},"sonicwall-sslvpn-compromise","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fe2e2b336e6d04957a6b9b7c061f7858f",[958],{"_160":959},{"_37":126,"_13":271,"_128":163,"_43":960},{"_13":271,"_15":272,"_19":19,"_11":533,"_17":285,"_60":961,"_172":541},{"_15":272,"_69":535,"_72":962,"_291":537,"_68":538,"_140":539,"_74":540},{"_62":537,"_74":538},"October 10, 2025",[965],{"_151":966},{"_37":126,"_13":153,"_128":154,"_43":967},{"_13":153,"_15":312,"_19":19,"_11":313,"_17":314,"_60":968,"_172":334},{"_15":312,"_69":316,"_72":969,"_320":321,"_322":-5,"_323":324,"_325":970},{"_62":318,"_74":319,"_146":6,"_144":6},[971,973],{"_328":972},{"_37":126,"_13":330,"_128":325},{"_328":974},{"_37":126,"_13":333,"_128":325},["D",1760068800000],{"_13":977,"_15":978,"_60":979},"563ed7963a684d8db3861a270dbac966","The Lamest Cybersecurity Tips We’re Tired of Hearing (and What to Do Instead)",{"_69":980,"_164":981,"_157":982,"_155":988,"_148":989,"_139":-5,"_521":1000},"lamest-cybersecurity-tips-what-to-do-instead","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fc66a9cabf8894791bee6e83e9bffef6b",[983],{"_160":984},{"_37":126,"_13":162,"_128":163,"_43":985},{"_13":162,"_15":260,"_19":19,"_11":284,"_17":285,"_60":986,"_172":294},{"_15":260,"_69":287,"_72":987,"_291":289,"_68":290,"_140":292,"_74":293},{"_62":289,"_74":290},"October 7, 2025",[990],{"_151":991},{"_37":126,"_13":153,"_128":154,"_43":992},{"_13":153,"_15":312,"_19":19,"_11":313,"_17":314,"_60":993,"_172":334},{"_15":312,"_69":316,"_72":994,"_320":321,"_322":-5,"_323":324,"_325":995},{"_62":318,"_74":319,"_146":6,"_144":6},[996,998],{"_328":997},{"_37":126,"_13":330,"_128":325},{"_328":999},{"_37":126,"_13":333,"_128":325},["D",1759813200000],{"_13":1002,"_15":1003,"_60":1004},"66f9e044b5830fbc4f2433a2","What Is a Security Awareness Training Program?",{"_69":1005,"_157":1006,"_155":1012,"_139":1013,"_148":1014,"_142":6,"_521":1071},"what-is-a-security-awareness-training-program",[1007],{"_160":1008},{"_37":126,"_13":162,"_128":163,"_43":1009},{"_13":162,"_15":260,"_19":19,"_11":284,"_17":285,"_60":1010,"_172":294},{"_15":260,"_69":287,"_72":1011,"_291":289,"_68":290,"_140":292,"_74":293},{"_62":289,"_74":290},"August 18, 2021","October 6, 2025",[1015,1044],{"_151":1016},{"_37":126,"_13":1017,"_128":154,"_43":1018},"7eadf16770164b6e8f7d3b13cc7c8c55",{"_11":1019,"_13":1017,"_15":1020,"_17":314,"_19":19,"_20":1021,"_34":1023,"_60":1024,"_45":1039,"_47":1040,"_49":1041,"_50":51,"_54":422,"_56":422,"_58":1042,"_172":1043},1747774576925,"Lizzie Danielson",{"_22":63,"_25":60,"_26":1022},{"_28":29,"_30":31,"_32":33},[],{"_410":1025,"_15":1020,"_408":1026,"_375":1027,"_371":1028,"_325":1029,"_322":1032,"_69":1033,"_380":381,"_72":1034,"_320":1037,"_323":1038},"Lizzie","Danielson","https://www.linkedin.com/in/lizzie-danielson/","SEO Manager, Content",[1030],{"_328":1031},{"_37":126,"_13":330,"_128":325},"Lizzie Danielson Huntress ","lizzie-danielson",{"_74":1035,"_62":1036},"Read blog posts from Lizzie Danielson on the Huntress Blog. ","Lizzie Danielson | Huntress ","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fd18d166790984250b1b7e693c58662df","

Lizzie Danielson brings a sharp eye for strategy and a deep love for storytelling to her role at Huntress. She first discovered her passion for cybersecurity while working at a digital marketing agency that specialized in supporting MSPs and MSSPs. What started as a curiosity quickly became a calling, leading her to dive deeper into the industry, eventually landing at a leading MSSP, before returning to her roots in marketing.

At Huntress, Lizzie blends technical insight with creative execution to help make cybersecurity knowledge accessible for businesses of all sizes. She’s driven by the company’s mission to protect all businesses in an increasingly hostile cyber landscape—and energized by the brilliant minds she gets to collaborate with every day.

When she’s not crafting content, Lizzie enjoys bird watching, thrifting, baking sourdough, and exploring Florida with her fiancé and three beloved “barketing assistants.”

",{},1752685085567,1747775018230,[],"jztywxlbq7",{"_151":1045},{"_37":126,"_13":1046,"_128":154,"_43":1047},"66048bf5f5dbb4095e6672b4",{"_34":1048,"_58":1049,"_11":1050,"_13":1046,"_15":1051,"_17":314,"_19":19,"_20":1052,"_60":1054,"_45":1067,"_47":1068,"_49":1050,"_50":51,"_54":1069,"_56":55,"_172":1070},[],[],1742719362812,"James O’Leary",{"_26":1053,"_25":60,"_22":63},{"_28":29,"_30":31,"_32":33},{"_15":1051,"_322":-5,"_371":1055,"_320":1056,"_72":1057,"_323":1059,"_325":1060,"_69":1065,"_375":1066,"_380":381},"Product Marketing Manager","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fd8f8451aced8416d939065535851c126",{"_146":6,"_74":1058,"_144":6,"_62":1051},"Read blog posts from James O’Leary on the Huntress Blog.","

“My father has owned a small construction business my whole life and does not have the staff for an IT or security team. I love knowing that Huntress is looking out for and protecting businesses like his.”

James got started in the cyber security space when he joined Huntress in 2022 and is now the Product Marketing Manager for Security Awareness Training.He is passionate about Huntress’s mission of protecting small or underserved businesses and reports that he counts himself lucky to work among highly respected experts in the field who continually help each other learn new things about cyber security.

‍

When he’s not working, you’ll find James being the sporty guy he is, playing golf, hockey, volleyball, or pickleball, watching movies, and trying new restaurants. He also loves to travel abroad and has visited over 20 countries!

What's your favorite cybersecurity tip, James?
“Think before you click!”

‍

Find James on LinkedIn.

‍

",[1061,1063],{"_328":1062},{"_37":126,"_13":330,"_128":325},{"_328":1064},{"_37":126,"_13":333,"_128":325},"james-oleary","https://www.linkedin.com/in/james-o%E2%80%99leary-351184153/",{},1745445706400,"rqPhimgdOfVCrDCbaxcCVZPJeJc2","uuyub298mqk",["D",1759766400000],{"_13":1073,"_15":1074,"_60":1075},"2826596e9400435d81ec0875d2ef50dd","27 Biggest Data Breaches Globally (and Lessons Learned)",{"_69":1076,"_164":1077,"_157":1078,"_155":1085,"_148":1086,"_139":-5,"_521":1108},"biggest-data-breaches","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fcd7122555e5f43d6acf6510c98d2197d",[1079],{"_160":1080},{"_37":126,"_13":262,"_128":163,"_43":1081},{"_13":262,"_15":263,"_19":19,"_11":298,"_17":285,"_60":1082,"_172":1084},{"_15":263,"_69":300,"_72":1083,"_291":302,"_68":303,"_140":304,"_74":305},{"_62":302,"_74":303},"fgco4cog10w","October 3, 2025",[1087],{"_151":1088},{"_37":126,"_13":1089,"_128":154,"_43":1090},"673e4076804468f80b5f2555",{"_13":1089,"_15":1091,"_19":19,"_11":1092,"_17":314,"_60":1093,"_172":1107},"Brenda Buckman",1742719341711,{"_15":1091,"_69":1094,"_72":1095,"_320":1098,"_322":-5,"_371":1099,"_323":1100,"_380":381,"_375":1101,"_325":1102},"brenda-buckman",{"_62":1096,"_74":1097,"_146":6,"_144":6},"Brenda Buckman | Huntress","Brenda Buckman is the Senior Director of Digital Web Presence at Huntress, bringing her passion for storytelling and digital innovation to the forefront of our marketing efforts.","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fea04d403555644f48db8e600fef9e64d","Senior Director, Web","

A passionate storyteller shaping Huntress's digital presence.

Brenda Buckman is the Senior Director of Digital Web Presence at Huntress, bringing her passion for storytelling and digital innovation to the forefront of our marketing efforts.

\"I love working at Huntress for so many reasons, but what stands out the most is the company’s unwavering commitment to the cybersecurity community and its customers,\" Brenda shares. \"Huntress isn’t just about providing a product; it’s about truly putting people first—ensuring that every decision we make prioritizes the protection and peace of mind of those we serve.\"

Specializing in marketing and digital presence—especially web—Brenda focuses on making cybersecurity more accessible and engaging through compelling digital experiences. She appreciates the Huntress culture of transparency and candor. \"It's refreshing to work in an environment where open communication is encouraged. This level of honesty fosters trust, helps keep everyone on the same page, and enables more collaboration,\" she says.

Before joining Huntress, Brenda worked in the home services industry, managing digital products for on-demand service offerings. Her experience honed her skills in creating user-focused digital experiences and delivering solutions that resonate with audiences.

Brenda is also an avid storyteller outside of her work at Huntress—she’s currently crafting her first novel and immersing herself in captivating books, mainly in the science fiction and fantasy realm. She loves being creative in all aspects of her life, from trying out new crafts and hobbies to hosting themed parties for her friends. Recently, she's picked up mahjong, finding it a fun new challenge. Brenda also enjoys live music, traveling, and exploring new culinary experiences as a foodie. \"Life's an adventure, and I love it!\" she says. We tend to believe her.

Learn more about Brenda at her LinkedIn profile.

‍

","https://www.linkedin.com/in/brenda-buckman-40821342/",[1103,1105],{"_328":1104},{"_37":126,"_13":330,"_128":325},{"_328":1106},{"_37":126,"_13":333,"_128":325},"jguc1yx0js",["D",1759507200000],{"_13":1110,"_15":1111,"_60":1112},"b8c151eeef8641d69f8264cc59a0adde","The Craftiest Trends, Scams, and Tradecraft of 2025 (So Far)",{"_69":1113,"_164":1114,"_157":1115,"_155":1121,"_148":1122,"_139":-5,"_521":1138},"craftiest-trends-scams-tradecraft-2025","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F74e8269f3489487c8674e138929b4fa1",[1116],{"_160":1117},{"_13":162,"_128":163,"_37":126,"_43":1118},{"_13":162,"_15":260,"_19":19,"_11":284,"_17":285,"_60":1119,"_172":294},{"_15":260,"_69":287,"_72":1120,"_291":289,"_68":290,"_140":292,"_74":293},{"_62":289,"_74":290},"October 2, 2025",[1123],{"_151":1124},{"_13":489,"_37":126,"_128":154,"_43":1125},{"_11":491,"_13":489,"_15":492,"_17":314,"_19":19,"_20":1126,"_34":1128,"_60":1129,"_45":1136,"_47":516,"_49":517,"_50":51,"_54":518,"_56":57,"_58":1137,"_172":520},{"_25":60,"_22":63,"_26":1127},{"_28":29,"_30":31,"_32":33},[],{"_375":497,"_320":498,"_323":499,"_408":500,"_501":502,"_72":1130,"_410":505,"_371":506,"_322":507,"_69":508,"_380":381,"_325":1131,"_15":492},{"_62":492,"_74":504},[1132,1134],{"_328":1133},{"_37":126,"_13":330,"_128":325},{"_328":1135},{"_37":126,"_13":514,"_128":325},{},[],["D",1759381200000],{"_13":1140,"_15":1141,"_60":1142},"2bf42fdea36647a9af16b6386bf56994","Let’s Be Offensive This Cybersecurity Awareness Month ",{"_69":1143,"_164":1144,"_157":1145,"_155":1151,"_148":1152,"_139":-5,"_521":1163},"be-offensive-cybersecurity-awareness-month","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fd848c38c3f154259a822e70c76f92a78",[1146],{"_160":1147},{"_37":126,"_128":163,"_13":262,"_43":1148},{"_13":262,"_15":263,"_19":19,"_11":298,"_17":285,"_60":1149,"_172":1084},{"_15":263,"_69":300,"_72":1150,"_291":302,"_68":303,"_140":304,"_74":305},{"_62":302,"_74":303},"October 1, 2025",[1153],{"_151":1154},{"_37":126,"_128":154,"_13":153,"_43":1155},{"_13":153,"_15":312,"_19":19,"_11":313,"_17":314,"_60":1156,"_172":334},{"_15":312,"_69":316,"_72":1157,"_320":321,"_322":-5,"_323":324,"_325":1158},{"_62":318,"_74":319,"_146":6,"_144":6},[1159,1161],{"_328":1160},{"_37":126,"_13":330,"_128":325},{"_328":1162},{"_37":126,"_13":333,"_128":325},["D",1759323600000],{"_13":1165,"_15":1166,"_60":1167},"a1d9712978624b88a9db641a95e9a82f","Don’t Sweat the *Fix Techniques",{"_69":1168,"_164":1169,"_157":1170,"_155":1176,"_148":1177,"_139":-5,"_521":1206},"dont-sweat-clickfix-techniques","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F3aac48f0a1844cc2975fc08a9e2e82c1",[1171],{"_160":1172},{"_128":163,"_37":126,"_13":271,"_43":1173},{"_13":271,"_15":272,"_19":19,"_11":533,"_17":285,"_60":1174,"_172":541},{"_15":272,"_69":535,"_72":1175,"_291":537,"_68":538,"_140":539,"_74":540},{"_62":537,"_74":538},"September 29, 2025",[1178],{"_151":1179},{"_13":1180,"_128":154,"_37":126,"_43":1181},"9c882463f666457fabb0963b5e4cfe63",{"_11":1182,"_60":1183,"_49":1198,"_45":1199,"_47":1200,"_56":422,"_20":1201,"_13":1180,"_17":314,"_15":1186,"_19":19,"_58":1203,"_34":1204,"_50":51,"_54":422,"_172":1205},1747948578064,{"_69":1184,"_320":1185,"_15":1186,"_323":1187,"_72":1188,"_410":1191,"_375":1192,"_371":917,"_408":1193,"_380":381,"_325":1194,"_322":1197},"tyler-bohlmann","https://ca.slack-edge.com/T095F397A-U071VCM44CB-eeebbded84e2-512","Tyler Bohlmann","

Tyler Bohlmann, Detection Engineer at Huntress, brings a wealth of expertise to the world of cybersecurity. His passion for the field was sparked in an unexpected way—through a failed security internship interview, where he discovered pen testing and the fascinating tactics of red teams. Since then, he has dedicated himself to excelling in detection engineering, gap analysis, adversary emulation, and purple teaming.

With certifications like BTL2 and eJPT under his belt and a standout achievement as a speaker at BSidesSLC 2022, Tyler is no stranger to dissecting complex cybersecurity challenges. His presentation on detecting offensive tools (“Unpacking Impacket”) offered valuable insights into identifying remote execution techniques.

Before joining Huntress, Tyler gained hands-on experience working within the MDR space as a Threat Hunter and Incident Handler at Red Canary and various MSPs, where he tackled everything from IT consulting to desktop and helpdesk support. At Huntress, he thrives on collaborating with the talented teams to help protect organizations he used to serve as an IT technician.

When he’s not conducting research or emulating adversaries, Tyler spends his time with his family, practicing Brazilian jiu-jitsu, experimenting with coffee brewing, or exploring his interests in photography and music.

His favorite cybersecurity tip? “A question well stated is a problem half-solved - Chris Sanders”

",{"_74":1189,"_62":1190},"Read blog posts from Tyler Bohlmann on the Huntress Blog. ","Tyler Bohlmann | Huntress ","Tyler","https://www.linkedin.com/in/tylerbohlmann/","Bohlmann",[1195],{"_328":1196},{"_37":126,"_13":330,"_128":325},"Tyler Bohlmann Huntress",1747948743852,{},1749756532890,{"_22":63,"_25":60,"_26":1202},{"_32":33,"_28":29,"_30":31},[],[],"1ide8bcyn2f",["D",1759122000000],"totalPages",35,"pageNumber","event","loader","common",{"_1214":1215,"_1744":1745,"_1810":1811,"_1873":1874},"headerContent",[1216,1300,1413,1484,1562,1579],{"_58":1217,"_45":1218,"_56":55,"_60":1219,"_47":1291,"_15":1225,"_11":1292,"_19":19,"_54":55,"_49":1293,"_20":1294,"_50":51,"_17":1296,"_34":1297,"_13":1298,"_172":1299},[],{},{"_1220":1221,"_1222":1223,"_1224":1225,"_1226":1227},"type","Menu","linkProperties",{},"menuText","Platform","columns",[1228,1262],{"_1229":1230,"_1234":105,"_1220":1235,"_1236":79,"_62":1237,"_1238":1239},"footerLink",{"_77":1231,"_1232":1233},"/platform","text","Platform Overview","columnSpan","Link List","showTitle","Huntress Managed Security Platform","links",[1240,1247,1252,1257],{"_77":1241,"_1220":1242,"_1243":1244,"_121":1245,"_62":1246},"/platform/managed-edr","Text Link","icon","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Feb16a0fc49194ef3a61c385bd0d0f312","

Get full endpoint visibility, detection, and response.

","Managed EDR",{"_121":1248,"_1243":1249,"_1220":1242,"_62":1250,"_77":1251},"

Empower your teams with science-backed security awareness training.

","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fcd0acdb221c84200a837d97a6bac46a7","Managed Security Awareness Training","/platform/security-awareness-training",{"_1220":1242,"_121":1253,"_1243":1254,"_77":1255,"_62":1256},"

Protect your Microsoft 365 identities and email environments.

","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Ffd3a938d7dfc41bdac34c3f46a36afb2","/platform/managed-itdr","Managed ITDR",{"_62":1258,"_1243":1259,"_77":1260,"_121":1261,"_1220":1242},"Managed SIEM","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F5638ee75bf42433c81332c153db5cb15","/platform/siem","

Managed threat response and robust compliance support at a predictable price.

",{"_1236":6,"_1220":1263,"_1234":51,"_142":79,"_1229":1264,"_62":1265,"_1266":1267},"Card",{},"Learn More Card","cardContentReference",{"_37":126,"_13":1268,"_128":1269,"_43":1270},"be5723c7f6674c6db1ebfc79503cb723","custom-cards",{"_11":1271,"_60":1272,"_34":1282,"_15":1274,"_50":51,"_45":1283,"_47":1284,"_54":55,"_58":1285,"_17":1286,"_49":1287,"_56":55,"_13":1268,"_19":19,"_20":1288,"_172":1290},1738695869997,{"_121":1273,"_15":1274,"_1275":1276,"_1277":1278,"_1279":1278,"_1280":1276,"_164":1281},"Try Huntress for free and deploy in minutes to start fighting threats.","Learn More","linkUrl","/demo","linkLabelText","Request a Demo","ctaText","ctaUrl","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F4dcf43805cea496b92a4b04334297b54",[],{},1749580539246,[],"6debca3e2db24468b466376fc09f0c11",1738695944669,{"_26":1289,"_22":63,"_25":60},{"_28":29,"_30":31,"_32":33},"nugvh4lxb8",1749740747998,1749525643074,1749565841689,{"_25":60,"_26":1295,"_22":63},{"_30":31,"_28":29,"_32":33},"a8d3d337534a4f77aa8de03d557b7d7c",[],"1644f670abc3422fb4ae58c911ab52e0","8qy0myinkda",{"_11":1301,"_13":1302,"_15":1303,"_17":1296,"_19":19,"_20":1304,"_34":1306,"_60":1307,"_45":1409,"_47":1410,"_49":1411,"_50":51,"_54":55,"_56":57,"_58":1412,"_172":1299},1749530546748,"5233b983391e46bea1a73aa4e64e3e1f","Solutions",{"_26":1305,"_22":63,"_25":60},{"_28":29,"_30":31,"_32":33},[],{"_1222":1308,"_1226":1309,"_1224":1303,"_1220":1221},{},[1310,1326,1350],{"_1236":79,"_1229":1311,"_1220":1235,"_1238":1312,"_1234":51,"_62":1325},{},[1313,1317,1321],{"_1220":1242,"_77":1314,"_1243":1315,"_62":1316},"/solutions/topics/phishing","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fd8af97b52a364281ae4ae771eac29f60","Phishing",{"_1220":1242,"_77":1318,"_1243":1319,"_62":1320},"/solutions/topics/cybersecurity-compliance","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F5437345f68ab4fecb25e1bf64d596f05","Compliance",{"_1243":1322,"_1220":1242,"_77":1323,"_62":1324},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fe0006e0247a84d538abfdb56270b1971","/solutions/topics/business-email-compromise","Business Email Compromise","Solutions by Topic",{"_1238":1327,"_1236":79,"_62":1348,"_1220":1235,"_1234":51,"_1229":1349},[1328,1332,1336,1340,1344],{"_1243":1329,"_1220":1242,"_77":1330,"_62":1331},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F4951efeb175d46a28d43a56e44f1aaa6","/industries/education","Education",{"_62":1333,"_77":1334,"_1243":1335,"_1220":1242},"Finance","/industries/financial-services","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F2c6e56c396984defa968946c3305fd5d",{"_77":1337,"_62":1338,"_1243":1339,"_1220":1242},"/industries/healthcare","Healthcare","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fad40fb4e0e8f4fc3a283928e18d2cb07",{"_1243":1341,"_77":1342,"_62":1343,"_1220":1242},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fa1a16399f6f94c3da8e42ddbe735c1c1","/industries/manufacturing","Manufacturing",{"_77":1345,"_1220":1242,"_62":1346,"_1243":1347},"/industries/state-and-local-government","State & Local Government","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fdafe6a53f78a407c80691541d7e292b9","Solutions by Industry",{},{"_1234":51,"_62":1351,"_142":79,"_1220":1263,"_1352":1353,"_1236":79,"_1229":1355,"_1266":1357},"Featured Resource","cardContentOverride",{"_121":1354},"

Packed with the information, tools, and guidance you need to keep your organization running smoothly and, most importantly, your patients safe.

",{"_1232":1356,"_77":63},"Get the Kit",{"_37":126,"_13":1358,"_128":1359,"_43":1360},"66c49e7c03769aca3efd1adf","resources",{"_13":1358,"_15":1361,"_19":19,"_11":1362,"_17":1363,"_60":1364,"_172":1408},"Healthcare Cybersecurity Success Kit",1742716627143,"5c10263d01de417681f67c6df9d9a9d4",{"_15":1361,"_69":1365,"_155":1366,"_139":1367,"_72":1368,"_140":1371,"_142":6,"_1372":79,"_164":1373,"_1374":1375,"_1376":1375,"_1377":1378,"_1396":1397,"_1280":1406,"_1279":1407},"healthcare-cybersecurity-success-kit","2024-08-21T00:00:00.000Z","2024-08-22T14:36:33.220Z",{"_62":1369,"_74":1370,"_146":6,"_144":6},"Healthcare Cybersecurity Success Kit | Huntress","This Healthcare Cybersecurity Success Kit is packed with the information, tools, and guidance you need to keep your organization running smoothly and, most importantly, your patients safe.","https://www.huntress.com/resources/healthcare-cybersecurity-success-kit","gated","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F25165b11288e4ab8ab0dc72832f4eb5e","preGateContent","

Hackers are hitting healthcare hard. From large hospital networks to small rural clinics, nothing’s off-limits anymore.

But you don't have to take it. This Healthcare Cybersecurity Success Kit is packed with the information, tools, and guidance you need to keep your organization running smoothly and, most importantly, your patients safe.

","postGateContent","tags",[1379,1388],{"_1380":1381},"tag",{"_37":126,"_13":1382,"_128":1377,"_43":1383},"6619a1966fc1cc2a81065887",{"_13":1382,"_15":1338,"_19":19,"_11":1384,"_17":1385,"_60":1386,"_172":1387},1741825542581,"06a1fff4f2d64eed986229acc010c74f",{"_15":1338},"gfxlhoc2vbs",{"_1380":1389},{"_37":126,"_13":1390,"_128":1377,"_43":1391},"65f3299e49a461b4b9c72e83",{"_13":1390,"_15":1392,"_19":19,"_11":1393,"_17":1385,"_60":1394,"_172":1395},"Mastering Cybersecurity",1741825551705,{"_15":1392},"k3h838pd8wh","assetType",{"_37":126,"_13":1398,"_128":1399,"_43":1400},"65f3299e49a461b4b9c72e40","asset-types",{"_13":1398,"_15":1401,"_19":19,"_11":1402,"_17":1403,"_60":1404,"_172":1405},"Success Kit",1741790296798,"50c69b616da14a22b2d7092dd07fd641",{"_15":1401},"14s81qvd8gr","https://www.huntress.com/industries/healthcare/healthcare-resource-kit","Get the Healthcare Cybersecurity Success Kit","omu9mtuv4y",{},1753628029636,1749565841905,[],{"_11":1414,"_13":1415,"_15":1416,"_17":1296,"_19":19,"_20":1417,"_34":1419,"_60":1420,"_45":1480,"_47":1481,"_49":1482,"_50":51,"_54":55,"_56":392,"_58":1483,"_172":1299},1749560149759,"94db9c6a65e047acb4ac7d4d2ea0da30","Why Huntress",{"_26":1418,"_22":63,"_25":60},{"_28":29,"_30":31,"_32":33},[],{"_1226":1421,"_1224":1416,"_1222":1479,"_1220":1221},[1422,1439,1452],{"_1229":1423,"_1220":1235,"_1238":1424,"_62":1438,"_1236":79,"_1234":51},{},[1425,1429,1434],{"_62":1426,"_1243":1427,"_77":1428,"_1220":1242},"Managed Service Providers","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F11f54e8f5fb54aadbf4c71effaab65a5","/why-huntress/managed-service-providers",{"_501":1430,"_77":1431,"_62":1432,"_1243":1433,"_1220":1242},"Platform Icon","/why-huntress/value-added-resellers","Value Added Resellers","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Ff0209e5a35e34a25a31075aca24dec96",{"_77":1435,"_1243":1436,"_1220":1242,"_62":1437},"/why-huntress/it-security-teams","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Ff257bebdca1c45cab6259f8436ca7221","IT & Security Teams","Who We Serve",{"_1236":79,"_1234":51,"_1220":1235,"_62":1440,"_1229":1441,"_1238":1442},"The Huntress Difference",{},[1443,1448],{"_77":1444,"_501":1445,"_1243":1446,"_62":1447,"_1220":1242},"/why-huntress/24-7-soc","Issue Detected - Alert Icon","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F4cc0a301d59343f08fa3fd23661a7726","Huntress SOC",{"_77":1449,"_1243":1450,"_62":1451,"_1220":1242},"/success-stories","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fff7b259c7c5c408f9747e8a28989015b","Case Studies",{"_62":1453,"_1220":1235,"_1229":1454,"_1236":79,"_1238":1457,"_142":79,"_1234":51},"Compare Huntress",{"_77":1455,"_1232":1456},"/comparison","Compare All",[1458,1461,1464,1467,1470,1473,1476],{"_77":1459,"_62":1460,"_1220":1242},"/comparison/huntress-vs-bitdefender","Bitdefender",{"_77":1462,"_1220":1242,"_62":1463},"/comparison/huntress-vs-blackpoint","Blackpoint",{"_1220":1242,"_77":1465,"_62":1466},"/comparison/huntress-vs-crowdstrike","CrowdStrike",{"_1220":1242,"_62":1468,"_77":1469},"Datto","/comparison/huntress-vs-datto",{"_1220":1242,"_62":1471,"_77":1472},"SentinelOne","/comparison/huntress-vs-sentinelone",{"_62":1474,"_77":1475,"_1220":1242},"Sophos","/comparison/huntress-vs-sophos",{"_1220":1242,"_77":1477,"_62":1478},"/comparison/huntress-vs-webroot","Webroot",{},{},1754067690665,1749565841954,[],{"_54":55,"_60":1485,"_13":1553,"_47":1554,"_49":1555,"_20":1556,"_56":55,"_15":1486,"_45":1558,"_17":1296,"_58":1559,"_19":19,"_34":1560,"_50":51,"_11":1561,"_172":1299},{"_1220":1221,"_1224":1486,"_1222":1487,"_1226":1488},"Resources",{},[1489,1513,1535],{"_1236":79,"_62":1490,"_1234":51,"_1238":1491,"_1229":1510,"_1220":1235},"Resource Center",[1492,1495,1498,1501,1504,1507],{"_1220":1242,"_77":1493,"_62":1494},"/resources?assetTypes=Datasheet","Datasheets",{"_62":1496,"_77":1497,"_1220":1242},"Ebooks","/resources?assetTypes=eBook",{"_62":1499,"_1220":1242,"_77":1500},"Reports","/resources?assetTypes=Report",{"_77":1502,"_1220":1242,"_62":1503},"/resources?assetTypes=On-Demand+Webinar","On-Demand Webinars",{"_77":1505,"_62":1506,"_1220":1242},"/resources?assetTypes=Whitepaper","Whitepapers",{"_77":1508,"_62":1509,"_1220":1242},"/resources?assetTypes=Video","Videos",{"_1232":1511,"_77":1512},"View All Resources","/resources",{"_1238":1514,"_1229":1533,"_1234":51,"_1236":6,"_62":1534,"_1220":1235},[1515,1517,1521,1525,1529],{"_1243":1516,"_1220":1242,"_62":16,"_77":44},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F7f4ca3bd558f425da4f12b81befbb279",{"_77":1518,"_1220":1242,"_1243":1519,"_62":1520},"/upcoming-events","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F6aa1f0e921a844ed9975b8c477720a6c","Upcoming Events",{"_62":1522,"_77":1523,"_1220":1242,"_1243":1524},"Support Documentation","https://support.huntress.io/hc/en-us","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fac02933fbb964cdf9e6c8b3b2280fa5d",{"_62":1526,"_1220":1242,"_1243":1527,"_77":1528},"Integrations","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F75378b21898340b6b863c3b68ae0a980","/integrations",{"_62":1530,"_77":1531,"_1243":1532,"_1220":1242},"Huntress Hub","https://hub.huntress.com/#/page/login","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fabe11db97e084bfeb9d370076781caea",{},"Other Resources",{"_62":1536,"_142":79,"_1220":1235,"_1238":1537,"_1236":79,"_1229":1552,"_1234":51},"Produced by Huntress",[1538,1543,1548],{"_204":1539,"_77":1540,"_1220":1541,"_62":1542},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fea18a565ed0e4bdda1f6881a955de34c","/tradecraft-tuesday","Image Link","Tradecraft Tuesday",{"_62":1544,"_1220":1541,"_77":1545,"_501":1546,"_204":1547},"Fireside Chat","/firesidechat","Fireside Chat Community Series","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F98c34785dc62414381fe4d25b1d355a9",{"_204":1549,"_62":1550,"_1220":1541,"_77":1551},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F5f3ffde6942c41b6885da8bc727a4cc5","Product Lab Channel","/product-lab-channel",{},"e21c3f198af24be5b52f72480500ff2d",1749676549589,1749565842009,{"_22":63,"_26":1557,"_25":60},{"_28":29,"_30":31,"_32":33},{},[],[],1749560786283,{"_11":1563,"_13":1564,"_15":1565,"_17":1296,"_19":19,"_20":1566,"_34":1568,"_60":1569,"_45":1575,"_47":1576,"_49":1577,"_50":51,"_54":55,"_56":55,"_58":1578,"_172":1299},1749561737294,"84190317c5f14f32ae91ba95a125371a","Pricing",{"_22":63,"_25":60,"_26":1567},{"_28":29,"_30":31,"_32":33},[],{"_1222":1570,"_1220":1574,"_1224":1565,"_1275":1571},{"_77":1571,"_1232":1565,"_1572":1573},"/pricing","target","_self","Link",{},1749579606414,1749565842037,[],{"_11":1580,"_13":1581,"_15":1582,"_17":1296,"_19":19,"_20":1583,"_34":1585,"_60":1586,"_45":1740,"_47":1741,"_49":1742,"_50":51,"_54":55,"_56":392,"_58":1743,"_172":1299},1749561775412,"2dc5eb1bcc024fcca43b7644cd21d4a1","About",{"_25":60,"_22":63,"_26":1584},{"_28":29,"_30":31,"_32":33},[],{"_1220":1221,"_1226":1587,"_1222":1739,"_1224":1582},[1588,1610,1625],{"_1238":1589,"_1236":79,"_62":1608,"_1220":1235,"_1234":51,"_1229":1609},[1590,1594,1599,1603],{"_1220":1242,"_62":1591,"_1243":1592,"_77":1593},"Our Story","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F38494b4ddb7a45a78ca20d43a03176bf","/company/our-company",{"_501":1595,"_1243":1596,"_1220":1242,"_62":1597,"_77":1598},"Leadership Icon","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F33845c53ebd4472b9806d7a76b742616","Leadership","/company/leadership",{"_1220":1242,"_1243":1600,"_77":1601,"_62":1602},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F3a5e883de76c4f5686d64a1dc0dbe7b6","/company/press","Latest News",{"_1243":1604,"_77":1605,"_1220":1242,"_62":1606,"_501":1607},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F107b70abda5841439fca3a13a02929cf","/awards-and-accolades","Awards","Awards Icon","About Huntress",{},{"_1229":1611,"_1220":1235,"_1234":51,"_62":1612,"_1238":1613},{},"Careers",[1614,1618,1620],{"_501":1615,"_77":1616,"_62":1612,"_1243":1617,"_1220":1242},"Verify Icon","/company/careers","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F80b5a5a31d2245e49c4038e433792c22",{"_62":1520,"_77":1518,"_1243":1619,"_1220":1242},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F1490131472ce4b94a57df268649354a0",{"_501":1621,"_77":1622,"_62":1623,"_1220":1242,"_1243":1624},"SAT Content Icon","/contact-us","Contact Us","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F3324b3cde0b84f3b8749e3f6577c6540",{"_142":79,"_62":1626,"_1234":51,"_1236":79,"_1229":1627,"_1352":1631,"_1220":1263,"_1266":1634},"Featured Success Story",{"_1572":1628,"_77":1629,"_1232":1630},"_blank","https://cdn.builder.io/o/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F659979229f5449f28c49a65895b9d2ef?alt=media&token=e87850ca-2ec6-4625-a6d9-b2e8a487f1ad&apiKey=3eb6f92aedf74f109c7b4b0897ec39a8","Read the Study",{"_1572":1628,"_77":1629,"_501":1632,"_164":1633},"Key Methods Logo","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F92852707f65d412faf9ede9ade8030f1",{"_37":126,"_13":1635,"_128":1636,"_43":1637},"2d71ea3f63c447d7a361e21502a74e15","success-stories",{"_11":1638,"_13":1635,"_15":1639,"_17":1640,"_19":19,"_20":1641,"_34":1643,"_60":1644,"_45":1734,"_47":1735,"_49":1736,"_50":51,"_54":392,"_56":668,"_58":1737,"_172":1738},1743800825454,"Key Methods","84071192fd6043e68c9d5963be3e722b",{"_26":1642,"_22":63,"_25":60},{"_28":29,"_30":31,"_32":33},[],{"_1645":1646,"_1647":1629,"_1648":1649,"_1650":1651,"_1652":1653,"_1654":1655,"_1656":1657,"_1658":1659,"_501":1632,"_69":1684,"_1685":1686,"_164":1687,"_121":1688,"_380":1639,"_72":1689,"_15":1639,"_1692":1693,"_1694":1695,"_1732":79,"_1733":79},"orderDate","Fri Apr 04 2025 00:00:00 GMT-0700 (Pacific Daylight Time)","caseStudyPdfUrl","companyContactName","Dan Paquette","heroHeadline","The MSP Who Saw It All","fullWidthQuote","

“When your primary security layers are all unified in one platform, it’s easier to build depth with a vendor. And when everything feeds into the same SOC, it’s even better.”

","heroSubhead","How Key Methods Stopped Guessing and Took Control with Huntress Managed SIEM","companyAbout","

Founded in 1998 as a small IT support company, Key Methods found their niche in providing professional technology services that let their customers focus on core business competencies without worrying about their IT infrastructure.

In 2002, they shifted their focus to proactively monitor and maintain their clients’ computer networks. This new approach of focusing on “up-time” instead of waiting for “things to break” helped them grow. Today, their team consists of nearly 20 employees, serving clients around the Pacific Northwest. They look forward to pursuing their goal to be Washington State’s premier IT services company.

","mainContent",{"_1660":1661},"section",[1662,1666,1668,1670,1672,1675,1677,1680,1682],{"_1663":63,"_1664":1665},"columnTwo","columnOne","

Prologue | Key Methods’ history with Huntress

Key Methods first tried Huntress in 2022. They rolled out Huntress Managed Endpoint Detection and Response (EDR) across all their clients for a month, but they scaled back when no major security issues popped up. Instead, they took a more selective approach, using it only when they spotted something suspicious or during new client onboarding.
\n

",{"_1663":63,"_1664":1667},"

Incident one | Managed EDR quickly shuts down a threat

In 2023, Huntress Managed EDR came in handy, flagging suspicious activity inside a client’s network. This wasn’t just any client, however. It was a company handling vast sums of money and a treasure trove of personal data. In other words, a prime target for hackers.

Huntress’ Security Operations Center (SOC) stepped in quickly, working hand-in-hand with Key Methods. In no time, endpoints were isolated, access was shut down, and the threat was contained.

Crisis averted.

…or so it seemed.

",{"_1663":63,"_1664":1669},"

Post-incident | The decision no MSP wants to make

The real challenge started after the immediate threat was handled. Key Methods was left with critical questions that would inform their next steps.

“All we knew was the attackers had possibly seen things they shouldn’t have,” says Dan Paquette, Managing Partner at Key Methods.

The entire Key Methods team was on edge, haunted by questions like, “How did the hackers get in?” “What data was compromised?” “Could they still be in the system?”

With little in terms of logs or data to go on, they had to make the call no MSP ever wants to make—shut everything down.

",{"_1663":63,"_1664":1671},"

Before Huntress Managed SIEM | Playing a costly game of guesswork

The impact was huge. The client faced over a week of downtime, more than $75,000 on incident response (IR) and legal fees, and uncertainty about their future.

“It felt like forever to get the client back online,” Paquette admits. “There were so many unknowns. We were digging through user logs, piecing together backward forensics, but our records only went back so far.”

In the end, it turned out the hacker hadn’t actually stolen any data. Using only screenshots and trickery, they’d pulled off a convincing illusion of a full database breach, leaving the client believing the worst. No data was lost, but the financial and operational toll was massive.

This was a wake-up call for Key Methods. They realized they needed more than just the ability to detect and respond to threats. They needed clear, immediate answers, especially when it mattered most.

",{"_1664":1673,"_1663":1674},"

“Managed SIEM provides us with immediate, actionable insights, so we’re never left guessing during critical moments.”

","

Incident two | Managed SIEM reveals all

Not long after the incident, Huntress launched Managed Security Information and Event Management (SIEM). Key Methods jumped on board, determined to avoid ever being uncertain again. While still fine-tuning when another mass-isolation event hit, the difference was obvious.

This time, a hacker exploited a vulnerability in a client’s firewall. In the past, critical decisions had to be made in real time about whether to call in IR teams, consult legal, or notify cyber insurance. Without solid data, every decision felt like a gamble—overreacting meant wasting time and money, but hesitating could spell disaster.

With Huntress Managed SIEM in place, everything changed. Put simply, there was no more guessing. The system didn’t just flag threats—it connected the dots. Every log, every move, every breadcrumb the attacker left behind was laid out clearly.

With new technology and capabilities at their fingertips, Key Methods had complete clarity to act fast and make the right calls.

",{"_1663":63,"_1664":1676},"

Unraveling the incident | The Huntress SOC paints a clear picture

The Huntress SOC quickly collaborated with Key Methods, providing clarity within hours. Detailed logs revealed the timeline of events and exactly where the attackers had been.

“Thanks to Managed SIEM, we had critical information fast,” said Paquette. “We reviewed the logs and immediately recognized the severity of the issue, allowing us to involve IR and legal teams quickly”

With Managed SIEM’s robust logging capabilities, Key Methods easily exported accurate, reliable data to the IR firm. “There was no question about the quality or authenticity of the logs,” Paquette noted. This significantly accelerated the investigation and led to a crucial finding: no data had been exfiltrated.

“Smaller MSPs like us usually don’t have a SOC,” Paquette explained. “With breaches in the past, we had to bring in an external team, install their tools, and wait for results. This time around, Managed SIEM handled it all. We told the SOC what we needed, ran a quick query, and immediately got clear answers like, ‘No, that executable wasn’t run anywhere else in the organization.’”

With vital insight, Key Methods swiftly shifted their focus to recovery. By isolating affected systems on day one, they could begin restoration efforts right away.

",{"_1663":1678,"_1664":1679},"

“The SOC analyzed every executable across all machines and confidently pinpointed exactly which devices the hackers had compromised. Having access to such precise, actionable information is incredibly powerful.”

","

Incident three | Managed SIEM wins the race against downtime

Weeks later, another mass-isolation event unfolded, this time targeting a bustling factory—a place where assembly lines hum, conveyor belts zip, and products are packaged with non-stop precision. A place where every minute of downtime risked thousands of dollars in lost revenue.

Again, an attacker exploited a vulnerability in the client’s firewall. But this time, there was no panic.

“We got on the phone with Huntress, and a SOC analyst immediately understood the situation,” recalls Paquette. “Within hours, we identified the issue and had already begun restoring operations. This time, legal or IR teams weren’t even needed.”

Armed with real-time intelligence from the Huntress SOC and Managed SIEM, Key Methods knew the attack’s origin with unparalleled speed. The factory was back online the same day.

“The SOC analyzed every executable across all machines and confidently pinpointed exactly which devices the hackers had compromised,” Paquette explains. “Having access to such precise, actionable information is incredibly powerful.”

What could’ve been a financially devastating shutdown was a masterclass in resilience.

",{"_1663":63,"_1664":1681},"

The power of Managed SIEM | Achieving true confidence, clarity, and control

For Key Methods, Managed SIEM brought unprecedented clarity, control, and responsiveness to their operations. With Huntress Managed SIEM, they can:

Respond to incidents in hours instead of days
Minimize client downtime and significantly cut recovery costs
Protect clients from escalating threats while avoiding unnecessary legal or forensic complications
Make decisive, high-stakes calls with confidence because they’re armed with clear insights on what happened, how it happened, and what data was affected

“It’s all about confidence and clarity,” says Paquette. “Managed SIEM provides us with immediate, actionable insights, so we’re never left guessing during critical moments.”

",{"_1663":63,"_1664":1683},"

Why Key Methods is all-in on Huntress

From day one, Huntress Managed SIEM proved its worth by helping Key Methods contain threats faster, reduce downtime, and avoid unnecessary third-party headaches. While hackers rely on staying hidden, Managed SIEM gave Key Methods complete clarity into their malicious ways.

While Managed EDR wasn’t initially a priority, it didn’t take long for Key Methods to see the power of the entire Huntress platform. Now, they’ve expanded further to make Identity Threat Detection and Response (ITDR) and Security Awareness Training (SAT) part of their offerings. Instead of treating them as optional extras, they’ve baked them into their core service plans.

What really sets Huntress apart is the technology, which is purpose-built for the Huntress SOC. This tight integration of proprietary tools and human expertise creates a defense system that radically cuts down on errors, response times, and risks.

“When your primary security layers are all unified in one platform, it’s easier to build depth with a vendor,” says Paquette. “And when everything feeds into the same SOC, it’s even better.”

","keymethods-case-study","introSectionDescription","

Key Methods, a top managed service provider (MSP) in Washington state, has earned a solid reputation for keeping security front and center in their business. They manage more than 2,000 endpoints and support nearly 80 clients, providing all with strong solutions to tackle the toughest threats. But as they’ve learned, when it comes to cybersecurity, it’s not just about stopping attacks—it’s also about understanding what’s really going on behind the scenes.

","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fccbc23d75b9640b69566b916ea6f832a","

Key Methods had seen their share of security incidents. But when one of their clients suffered a mass-isolation event, they realized they were flying blind. Attackers had accessed sensitive data, but without clear logs, they were left scrambling.

",{"_501":1632,"_62":1690,"_74":1691,"_64":1633}," Key Methods Case Study","Key Methods had seen their share of security incidents. But when one of their clients suffered a mass-isolation event, they realized they were flying blind. Attackers had accessed sensitive data, but without clear logs, they were left scrambling.","companyLocation","Wenatchee, WA","products",[1696,1716],{"_1697":1698},"product",{"_37":126,"_13":1699,"_128":1694,"_43":1700},"671c067f6144c945bfc997d2",{"_11":1701,"_13":1699,"_15":1258,"_17":1702,"_19":19,"_20":1703,"_34":1705,"_60":1706,"_45":1712,"_47":1713,"_49":1701,"_50":51,"_54":55,"_56":55,"_58":1714,"_172":1715},1736141572401,"017139400da04b248757ac73dd38eaff",{"_22":63,"_26":1704,"_25":60},{"_28":29,"_30":31,"_32":33},[],{"_164":1707,"_1708":79,"_1709":1258,"_15":1258,"_501":1710,"_1711":1260},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F284f4bc395cf4c38ae88bfc6f9669fe3","active","shortName","Overwhelming Data Becoming Simplified with SIEM","referenceUrl",{},1756214588904,[],"nytdhrk1h1l",{"_1697":1717},{"_37":126,"_13":1718,"_128":1694,"_43":1719},"664a2fe9c12e9dbfd3b4a0b4",{"_11":1720,"_13":1718,"_15":1246,"_17":1702,"_19":19,"_20":1721,"_34":1723,"_60":1724,"_45":1728,"_47":1729,"_49":1720,"_50":51,"_54":55,"_56":55,"_58":1730,"_172":1731},1736141572469,{"_26":1722,"_25":60,"_22":63},{"_28":29,"_30":31,"_32":33},[],{"_15":1246,"_1645":1725,"_164":1726,"_1708":79,"_501":1727,"_1709":1246,"_1711":1241},"2024-06-04T00:00:00.000Z","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fa31d628a29d240dab4e00080df8ffba1","Man working at a desk with headphones on",{},1756214521979,[],"yqbjosnx298","showPdf","showAboutAnchorHyperlink",{},1757688896249,1743803252848,[],"zljsrt8fipi",{},{},1759958473605,1749565842074,[],"footerContent",[1746,1764,1776,1787,1799],{"_13":1747,"_15":1225,"_60":1748},"508d2fee7ccc4b62af82033c8240810d",{"_1238":1749,"_62":1225},[1750,1752,1753,1756,1759,1760,1761,1762],{"_77":1231,"_1751":1237},"linkText",{"_77":1241,"_1751":1246},{"_1751":1754,"_77":1755},"Managed EDR for macOS","/platform/managed-edr-for-macos",{"_1572":1573,"_1751":1757,"_77":1758},"Managed EDR for Linux","/platform/managed-edr-for-linux",{"_1751":1256,"_77":1255},{"_77":1260,"_1751":1258},{"_1751":1250,"_77":1251},{"_1751":1763,"_77":1276},"Book a Demo",{"_13":1765,"_15":1303,"_60":1766},"48e36f6d9651423da2291512cdde8b9e",{"_62":1303,"_1238":1767},[1768,1769,1770,1771,1772,1773,1774,1775],{"_1751":1316,"_77":1314},{"_1751":1320,"_77":1318},{"_1751":1324,"_77":1323},{"_77":1330,"_1751":1331},{"_1751":1333,"_77":1334},{"_77":1337,"_1751":1338},{"_77":1342,"_1751":1343},{"_1751":1346,"_77":1345},{"_13":1777,"_15":1778,"_60":1779},"eaae2a88df264ce8987bc9b7803d090a","Why Huntress?",{"_1238":1780,"_62":1778},[1781,1782,1783,1784,1786],{"_1751":1426,"_77":1428},{"_77":1431,"_1751":1432},{"_77":1435,"_1751":1437},{"_1751":1785,"_77":1444},"24/7 SOC",{"_77":1449,"_1751":1451},{"_13":1788,"_15":1486,"_60":1789},"7c53b226c0d14e18856978d679c98b2a",{"_62":1486,"_1238":1790},[1791,1792,1793,1796,1797],{"_1751":16,"_77":44},{"_1751":1490,"_77":1512},{"_1751":1794,"_77":1795,"_1572":1573},"Cybersecurity 101","/cybersecurity-education/cybersecurity-101",{"_77":1518,"_1751":1520},{"_1572":1628,"_77":1523,"_1751":1522,"_1798":79},"nofollow",{"_13":1800,"_15":1582,"_60":1801},"c211d3560ba74bc9a088ee63b66293ab",{"_62":1582,"_1238":1802},[1803,1805,1806,1808,1809],{"_1751":1804,"_77":1593},"Our Company",{"_1751":1597,"_77":1598},{"_1751":1807,"_77":1601},"News & Press",{"_1751":1612,"_77":1616},{"_1751":1623,"_77":1622},"g2Awards",[1812,1831,1848,1863],{"_13":1813,"_15":1814,"_60":1815},"b1ef1fa50cc44b4cb964fcd76ce27c47","Managed SAT Awards",{"_160":1816,"_1817":1818},"Managed SAT","images",[1819,1822,1825,1828],{"_204":1820,"_501":1821},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fae2a45c9194b4f34a7f4ad7f4ab87759","Summer 2025 Momentum Leader G2 Badge",{"_204":1823,"_501":1824},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F6b92a475a7bb4bd58eafba51d5693bc1","Summer 2025 Regional Leader Canada G2 Badge",{"_501":1826,"_204":1827},"Summer 2025 Grid Leader Small Business G2 Badge","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fc616b18ae24d4749a8c402a04f41a674",{"_204":1829,"_501":1830},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F050a3943be914e71917c1908f00a0c7a","Summer 2025 Regional Leader Europe Small Business G2 Badge",{"_13":1832,"_15":1833,"_60":1834},"a15035cbedea4437bf339e54f6573731","Managed ITDR Awards",{"_160":1256,"_1817":1835},[1836,1839,1842,1845],{"_204":1837,"_501":1838},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fbda7bf46f087452fb892ff33fa6566dd","Summer 2025 Grid Leader G2 Badge",{"_204":1840,"_501":1841},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fc2d494c6fd22444b889a68493352a4ce","Summer 2025 Best Est. ROI G2 Badge",{"_204":1843,"_501":1844},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Ffea26f9142474c28b652246476967941","Summer 2025 High Performer G2 Badge",{"_204":1846,"_501":1847},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F83234adbb34d4cae9ed74a8a59e510ad","Summer 2025 Best Relationship G2 Badge",{"_13":1849,"_15":1850,"_60":1851},"f4f2c8064b7e4e92b01a3c95a41dde18","Managed EDR Awards",{"_1817":1852,"_160":1246},[1853,1855,1858,1860],{"_204":1854,"_501":1838},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fa89433591dea43aea06993ea9a932bc0",{"_204":1856,"_501":1857},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F9bc7e0583c1e4f8a8c9a95d8a9eb0136","Summer 2025 Best Results G2 Badge",{"_501":1844,"_204":1859},"https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2Fec99ed68cdf14c32991363ad838df7df",{"_501":1861,"_204":1862},"Summer 2025 Best Support Enterprise G2 Badge","https://cdn.builder.io/api/v1/image/assets%2F3eb6f92aedf74f109c7b4b0897ec39a8%2F86c5949a7494413f90457a01724a5554",{"_13":1864,"_15":1865,"_60":1866},"9b043f11647d490c8780d9136cf88b34","Default G2 Awards",{"_1817":1867,"_160":1872},[1868,1869,1870,1871],{"_501":1838,"_204":1854},{"_501":1857,"_204":1856},{"_204":1859,"_501":1844},{"_501":1861,"_204":1862},"default","assetTypes",[1875,1878,1881,1884,1887,1890,1891,1894,1897],{"_13":1876,"_15":1877},"32a84769b6034b46858d0522418934d4","Checklist",{"_13":1879,"_15":1880},"65f3299e49a461b4b9c72e3c","Datasheet",{"_13":1882,"_15":1883},"65f3299e49a461b4b9c72e3e","Handbook",{"_13":1885,"_15":1886},"65f3299e49a461b4b9c72e39","On-Demand Webinar",{"_13":1888,"_15":1889},"65f3299e49a461b4b9c72e38","Report",{"_13":1398,"_15":1401},{"_13":1892,"_15":1893},"65f3299e49a461b4b9c72e3d","Video",{"_13":1895,"_15":1896},"65f3299e49a461b4b9c72e3b","Whitepaper",{"_13":1898,"_15":1899},"65f3299e49a461b4b9c72e3a","eBook","actionData","errors"]