Huntress Just-in-Time Admin / Endpoint Privilege Management
R
Reni Nishku
Huntress should consider adding a native Just-in-Time Admin feature
Many SMB and mid-market customers still struggle with local admin rights. They either leave users as local admins because it is operationally easier, or they remove admin rights and then create help desk friction every time someone needs to install software, update drivers, run a trusted tool, or perform a legitimate admin task.
A Huntress-managed JIT admin feature would fit very well with the existing Huntress MDR model.
Recommended capabilities:
* Temporarily elevate a standard user to local admin for a defined time window
* Require approval from an admin, MSP, or Huntress-managed workflow
* Allow policy-based approvals for known safe applications or vendors
* Log every elevation request, approval, command, process, and installer
* Alert on suspicious elevation behavior
* Integrate with Microsoft Defender, Entra ID, and Huntress endpoint telemetry
* Support emergency break-glass admin access
* Provide MSP-friendly multi-tenant reporting
* Include rollback or containment options if elevated activity becomes suspicious
This would help customers reduce standing local admin privileges without creating excessive IT friction. It would also strengthen Huntress’ position against CrowdStrike, ThreatLocker, AutoElevate, CyberQP, and Microsoft Intune Endpoint Privilege Management.
This feels like a natural Huntress feature because privilege escalation is often where endpoint risk becomes real. Huntress already sees endpoint behavior; adding controlled, auditable, time-bound admin elevation would close a major operational gap for MSPs and SMB security teams.