Looking for Advice on MDR Solutions: Huntress, Arctic Wolf, or Rapid7?

Honestly, I would avoid Arctic Wolf if you can. The only reason to consider an MDR is for compliance purposes. If that's not a concern, you might be better off hiring someone in-house instead.

From what I’ve seen, Huntress is one of the most recommended MDRs out there, and I can see why. They’ve been excellent for us with an easy remediation process and continuous feature improvements. They align well with your need for a more hands-off approach with remediation support.

We've had a great experience with GoSecure as an MSSP. They offer a full package including MDR, Vulnerability Management as a Service (VMaaS), SIEM as a Service (SIEMaaS), and inbox detection & response. They're a solid choice if you're looking for good value and support—they've been reliable for us for the past five years.

Why isn’t SentinelOne working for your needs? I manage 850 endpoints across various devices, and I hardly have to intervene. I regularly fine-tune settings with my Support Engineer, and I get weekly reports. Typically, the issues I see are just Potentially Unwanted Programs (PUPs) every few weeks at most. My teammates with lower-level access can handle a lot too, so I’m not alone in this.

Before diving into a specific MDR, it’s important to clarify what you want from the platform. What does your ideal outcome look like? That way, you can find a service that truly meets your needs.

Patch management is really more aligned with Managed Service Providers (MSPs) or Managed Security Service Providers (MSSPs) rather than an MDR. We actually moved from Rapid7 to Arctic Wolf and ended up switching to Red Canary, which has been much better for us. Happy with that decision!

I’ve recently joined a non-profit in the UK that invested in Arctic Wolf. Unfortunately, it’s quite pricey, so just be aware of cost.