Huntress has officially acquired Inside Agent, a London-based firm focused on enhancing Microsoft 365 security against various threats. The new Identity Security Posture Management (ISPM) solution will assess over 100 checks and balances in Microsoft 365 environments, continuously monitoring for misconfigurations, stale accounts, and excessive privileges to prevent identity-based attacks. The ISPM solution integrates capabilities from Inside Agent and aims to reduce identity-related incidents by proactively stopping threat actors before they can exploit credentials or session tokens. Huntress currently protects over 8 million identities worldwide and intends to make comprehensive identity security accessible to organizations of all sizes with this new offering.
N-able announced the public preview of an updated version of its N-central unified endpoint management (UEM) solution, which now supports CMMC 2.0 controls. This allows customers in the Defense Industrial Base (DIB) to manage their own data and infrastructure in compliance with CMMC 2.0 standards. Key features include real-time monitoring and visibility across devices, automation of IT tasks, and a built-in water level indicator for easier management. The version is currently available for public preview, with general availability expected in early Q1 2026. This update enhances the existing capabilities of N-central and aims to assist managed services providers (MSPs) and IT teams in maintaining compliance with evolving defense requirements.
Why do we care?
Identity is now the center of the security universe, and compliance is becoming baked directly into MSP tooling. Huntress jumping into identity posture management isn’t a surprise—because the biggest security failures in M365 aren’t exotic attacks. They’re stale accounts, over-permissioned admins, and half-configured MFA policies. Tools that surface those issues nonstop are going to become table stakes.
But there’s a trap. Scanning for identity problems doesn’t fix anything. If your processes are weak, if access reviews aren’t happening, or if clients are still running with global admin rights, no tool can save you. Pretending otherwise is how MSPs create avoidable incidents.
Then on the N-able side, adding CMMC 2.0 support into N-central is smart—but it’s also where MSPs get themselves in trouble. A tool aligned with CMMC controls does not make anyone compliant. It just helps manage configuration. You still need documentation, evidence, and clearly defined responsibilities with the client. And preview features should never be deployed into regulated environments.
The bigger picture: identity and compliance are becoming defaults, not optional upgrades. If you’re not standardizing identity baselines, enforcing conditional access, and building a repeatable compliance process, you’re behind. Clients now expect their MSP to operate with the same rigor as an internal team in a regulated industry.
This is your chance to lead with strong operational discipline instead of hoping vendor tools do the heavy lifting for you.