When hackers set their sights on businesses across the Netherlands, Connectworks had a tough choice—adapt or risk it all. With more than 7,000 endpoints protected by only antivirus tools, they needed something more than just another product.
Background | A Not-So-Silent Crisis
For Connectworks—an IT service provider nestled along the tranquil canals of the Netherlands—the escalating roar of cyber threats was impossible to ignore. Focused on protecting small, specialist businesses, Connectworks suddenly found themselves racing to outmaneuver malicious hackers. For years, Connectworks relied on antivirus solutions. But those tools couldn’t keep up. Ransomware and identity-based attacks were no longer distant rumblings—they now thundered in the quaint Dutch town of Almelo, home to Connectworks and their clients. “We weren’t the easiest target, but we weren’t the hardest either,” says Thijmen Bosman, Chief Commercial Officer at Connectworks. “It was only a matter of time before something slipped through.”
The Risk | Close Calls and Mounting Pressure
Throughout 2022, near misses became all too common for Connectworks. One client fell for a phishing scam and narrowly avoided a €100,000 fraudulent transaction (fortunately caught by the bank). Another had their account breached despite using multi-factor authentication (yet fortunately dodged any real damage). These events chipped away at the facade of safety. Each attack wasn’t just a technical nuisance but a potential business-ending catastrophe.
“We wouldn’t have been legally liable for their losses,” Bosman admits. “But morally? We weren’t just going to stand by and watch our clients lose it all.” Yet their antivirus tools could only do so much. Attacks became more sophisticated day by day. With more than 7,000 endpoints (and growing) to protect, Connectworks needed a more precise, more effective strategy. And they needed it yesterday.
I needed someone who’d show up when it mattered most for us and our clients
The Quest | Finding a True Ally
Bosman wasn’t looking for just another security tool. He was in search of a new approach. While many SaaS providers offer excellent technologies and services, Bosman needed the assurance of reliable, ongoing support. “I needed someone who’d show up when it mattered most for us and our clients,” he explains. Having been a long-time partner of Autotask and Datto RMM, Connectworks had greatly benefited from their robust solutions. Kaseya’s offerings, like K365 and RocketCyber, were strong contenders, providing budget-friendly options with the potential for service consolidation. But Bosman opted to take a step back and explore alternative strategies to ensure his company’s evolving needs were fully met. After months of careful research, he narrowed his options to SentinelOne, CrowdStrike, and Huntress. All were solid choices—but one clearly had more to offer than just technology.
The Answer | A True Partner’s Worth Can’t Be Measured
“The choice came down to partnership,” Bosman explains. “Huntress didn’t just hand us a product. Unlike most vendors, they actually worked alongside us to make everything we wanted feasible.”
Huntress’ “people-first” approach stood out right away. Their Europe-based team immediately began collaborating with Bosman. They offered free trials, designed a custom opt-out campaign for Connectworks’ clients, and created a pricing model aligned with Bosman’s mass adoption goals. Huntress began to forge a meaningful relationship with Bosman and the entire Connectworks team. “They genuinely wanted to provide value to our customers instead of just eagerly making a sale,” Bosman recollects.
In the end, Huntress wasn’t the cheapest contender, but their people-first focus couldn’t be ignored. “Sure, there were less-pricey options,” Bosman acknowledges. “But Huntress is there when it counts, and that reliability and predictability is priceless.”
The First Victory | Shutting Down Endpoint Threats
The partnership began in April 2023, starting with Huntress’ Managed EDR (Endpoint Detection and Response). The results were immediate. The change was plain to see. “There were no more ‘what do we do now?’ moments,” Bosman says. Instead, his team received clear, easy-to-follow remediation instructions from the experts in the Huntress Security Operations Center (SOC).
Connectworks rolled out Managed EDR to nearly 7,000 of their endpoints using an opt-out campaign. By December, nearly all of their clients had adopted the solution. For the first time in a long time, Bosman and his team could breathe easier.
But the sighs of relief were short-lived. Threat actors adapted quickly. If they couldn’t crack the machines, they’d go for the people using them.
The Second Threat | Identity Risks Emerge
By late 2023, identity attacks on Microsoft 365 users were escalating. Though none had truly jeopardized his clients yet, Bosman knew account compromises could expose sensitive data, cripple independent businesses, and threaten everything Connectworks stood for. If endpoint breaches were explosions, identity attacks were nuclear bombs. Once again, Huntress was ready. Seeing the success of their Managed EDR rollout, Connectworks expanded their partnership to include Huntress’ Managed ITDR (Identity Threat Detection and Response). This solution shuts down vulnerabilities like business email compromise, session hijacking, and unauthorized access, so user credentials stay safe and out of the wrong hands. The rollout strategy was seamless. Using their now familiar opt-out campaign model, Connectworks scaled Managed ITDR to nearly all identities under their watch within months.
The Turning Point | Embracing People-Powered Security
“We had some low-security alerts, but we didn’t even consider them notable incidents because Huntress caught them so quickly,” Bosman explains.
Huntress’ 24/7, industry-defining SOC gave Connectworks clear, actionable remediation steps every time, empowering their team to resolve incidents confidently. The seamless integration with Autotask also ensured efficient workflows, so the Connectworks team could focus on real threats instead of drowning in false positives.
“The Huntress SOC isn’t just a bunch of automated alerts,” Bosman says. “It’s real people. They don’t just tell you there’s a problem—they’re there for you, helping you fix it.”
Results | Trust Built on Action
By partnering with Huntress, Connectworks has seen results that would surprise even the most optimistic IT professional, like:
- Zero endpoint breaches. Every one of their nearly 7,000 endpoints stayed secure.
- 30% faster incident response times. It’s estimated that Huntress’ actionable alerts significantly reduced Connectworks’ time to resolve issues.
- Stronger client trust. Their proactive stance on identity and endpoint defenses cemented their reputation as a top-tier outsourced IT partner for Dutch businesses.
“We were honest with ourselves,” Bosman admits. “We’ll never have the same level of experience as Huntress when it comes to incident response.” Bosman acknowledges that while his team knows the playbook for security best practices, real-world incident response is a game they don’t want to be part of. “We’ve had very few incidents, which is great, but it also means we’re not seasoned when one hits.” That’s why they rely on the Huntress SOC. With expertise gained from handling thousands upon thousands of incidents, the SOC always delivers intelligent judgment, clear context, and decisive action that automation just can’t. Standalone incident response firms can be expensive and often less effective, creating bottlenecks as two vendors struggle to coordinate. Because Huntress builds and owns their technology stack, the SOC and the tech work as a cohesive unit. It’s due to this “one team” approach that Connectworks gained a seamless, expert-driven incident response process that fills critical gaps and amplifies the value they deliver to clients. Or, as Bosman sums up, “Our clients sleep better at night. And so do we.”
What’s Next | Staying Ahead of the Curve
Bosman wasn’t just looking to stop cyber threats—he was looking for a reliable partner he could trust, no matter the time or place. That’s exactly what he found with Huntress. Now, as he collaborates with them to implement Managed SIEM (Security Information and Event Management), he adds he’s eager to adopt Managed SAT (Security Awareness Training) as soon as it’s available in Dutch.
“Huntress isn’t just another vendor,” he says. “They’re part of our team. And in this line of work, partnership makes all the difference.” For Bosman and the wider cybersecurity community, Huntress prioritizes the human element with proactive communication, ongoing education, and expert guidance. This “people-first” focus means Connectworks’ clients are always prepared for whatever threats lie ahead.