Integrations, Webhooks, APIs

As a top-tier Huntress MSP partner securing thousands of endpoints, we’ve built our practice around Huntress’s elite MDR, EDR, Managed ITDR, and 24/7 SOC remediation. Email is still our biggest blind spot. Phishing, BEC, ATO, credential theft, malicious rules, deepfakes, and QR lures dominate our breaches. Microsoft 365 Defender catches basics—but consistently misses polymorphic, low-and-slow, and socially adaptive threats.We’ve deployed IRONSCALES widely with outstanding results thanks to its Adaptive AI email security: Native M365/Google Workspace API—no MX changes, instant behavioral learning Real-time user/tenant baselines, social graphs, reputation, content analysis + 30,000+ hunter intel One-click auto-remediation: quarantine, rule delete, session kill, polymorphic clustering Hybrid AI + human triage → minimal FPs, strong zero-day BEC/ATO catch rate Built-in AI spear-phishing sims + in-client banners/report buttons Without integration, we’re stuck in silos: separate dashboards, manual correlation, duplicated triage, delayed chain-attack visibility (phish → credential → endpoint). This inflates MTTR and MSP overhead. A tight Huntress + IRONSCALES integration delivers... Technical wins: Unified timeline: IRONSCALES email signals + Huntress ITDR/endpoint data for true multi-vector detection SOC efficiency: enriched alerts routed to Huntress portal for 24/7 contextual triage/remediation Automation synergy: Huntress Microsoft depth + IRONSCALES mailbox APIs → enrichment, noise cut, proactive blocks Cross-domain hunting: email + endpoint + identity queries for faster forensics GTM wins: Killer layered stack (endpoint + identity + email) that crushes fragmented or native-Microsoft-only competitors Easy cross-sell/upsell → higher ACV, faster closes, stickier renewals Lower support load & churn with single-pane visibility + managed response RFP dominance by owning the full modern attack surface IRONSCALES already integrates cleanly elsewhere (e.g., ThreatDown unified console)—proof it works. Huntress has the engineering and MSP DNA to nail this fast. Product team: this is mission-critical. Close the email gap, stop breaches earlier, supercharge partner revenue.

I would like to receive notifications through Slack. Integrating Slack notifications would help me stay updated without having to check multiple platforms.

It would be nice to have an integration with NinjaOne US.

I am interested in having Active Directory integration to monitor for brute force attacks within my environment. It would be beneficial if the system could proactively report on failed login events, specifically those resulting in 4625 event codes from external networks. This feature would enhance our security monitoring capabilities by leveraging data pulled through SIEM.

We use Curricula (Huntress) integrated with Vanta to support SOC 2 compliance. Vanta evaluates security awareness training on a rolling 365-day basis, requiring evidence that users have completed an approved security awareness training within the last year. Currently, security awareness trainings in Curricula are assigned as one-time or admin-scheduled assignments. When users re-take the same training, the original completion date is retained, and there is no way to automatically re-assign or renew the training based on an individual user’s completion date. This creates challenges for compliance workflows: Users with more than one year of tenure are flagged as non-compliant in Vanta, even if they re-complete the training Administrators must manually re-assign the same training to all users on a fixed schedule, even when some users completed it recently There is no way to notify users when a training is due again based on elapsed time since last completion Requested Enhancements We would like to request support for one or more of the following capabilities: Per-user annual renewal of a training (e.g. re-assign 365 days after last completion) Ability to reset or update the completion date when a user re-completes a training Automated notifications when a user is due to complete a recurring security awareness training Native support for annual security awareness requirements aligned with compliance tools such as Vanta These features would significantly improve alignment with SOC 2 and similar compliance frameworks, and reduce manual administrative overhead.

Please add a Liongard Inspector integration so that LionGard users can have visibility into user accounts, integrations, configuration changes, etc.

I don't have any clients who use Windows Defender. It would be great if in the future there was a Sentinel One integration to pull logs from and review detentions to confirm that Sentinel One completely removed the threat.

I would like to see an integration that allows the Huntress activity and logs to be connected as a log source to a SIEM. This would allow a 3rd party SOC to work with events as well.

Would love to have hudu integration for auto documentation of security incidents, agents data, etc.

I need a way to sync your application with ConnectWise. This integration would streamline my workflow and improve efficiency by allowing seamless data transfer between the two platforms. It would be great if you could consider adding this feature.