“Huntress notified us of the threat before we had any idea what was happening,” said Tom Noon, VP of Operations at Missouri-based MSP, Blue Tree Technology. “Their team gave us all the information we needed to get up to speed, including the machine name that was infected, the steps to confirm the infection, and how to remediate the threat.” In this case, the infected machine was hosted by IntelliData Solutions, a hosting partner of Blue Tree Technology.
“We had VMware servers that were patched, yet hackers were still able to sneak through,” said Pavan Agrawal, CTO at IntelliData Solutions. “Huntress gave us a specific set of instructions that told us how to confirm that there was an infection and how to remediate the threat. We were able to easily follow the instructions to evict the malicious content and confirmed with Huntress once it was complete. We avoided a really messy situation—that’s all thanks to Huntress.”
After following Huntress’ remediation steps, both IntelliData Solutions and Blue Tree Technology successfully restored their data to its pre-infected state by the end of the day. “Huntress helped us be more proactive, rather than reactive,” said Alec Smith, President at IntelliData Solutions. “If we hadn’t confirmed and remediated the threat, client information would have been compromised and we could have suffered severe damage to our reputation.”
Huntress Managed EDR captures threat actor activity by actively monitoring processes in near real time. The forensics performed by Managed EDR identify suspicious activity and alert administrators to it. However, unlike traditional cybersecurity technology, which relies on administrators to comb through all the data and alerts, Managed EDR is backed by Huntress’ team of human threat hunters. The Huntress SOC team filters through the alerts for partners to verify threats and sends only incident reports that require attention, paired with remediation instructions. This eliminates false positives and assures partners that alerts are timely and relevant.
“Artificial intelligence is good, but there is nothing better than the human intelligence of Huntress’ threat hunters,” explains Tom of Blue Tree Technology. “We get so many alerts, noise and false positives from our other cybersecurity tools—it’s hard for our technicians to know what to focus on. Huntress filters out all that noise. Their SOC team does a remarkable job of verifying threats and only sending alerts when they need our attention or action. Our techs know that when an alert from Huntress comes through, they better look at it. This incident was an example of that—and it gave us the validation we needed to roll out Huntress to all our clients.”