COLUMBIA, Md., Nov. 05, 2025 (GLOBE NEWSWIRE) -- Huntress announces enhanced support for contractors looking to achieve Cybersecurity Maturity Model Certification (CMMC) Level 2 compliance. Through a collaboration with leading CMMC consulting firm DEFCERT, Huntress now provides free, assessor-ready documentation to simplify the assessment process. By eliminating the need to create documentation from scratch and pairing it with Huntress' purpose-built products, contractors can reduce the time, effort, and complexity of preparing for CMMC, accelerating their time to compliance.

While CMMC compliance isn't new, the final rule recently passed by the Department of Defense (DoD) fundamentally changes the verification process for contractors handling Controlled Unclassified Information (CUI). With CMMC Level 2 requirements entering DoD contracts starting November 10, 2025, contractors handling CUI must now prepare for a mandatory assessment by a Certified Third-Party Assessor Organization (C3PAO). This introduces the need for contractors to prove their compliance and prepare for rigorous assessments, which can create operational burdens and delay critical contract awards.

“Achieving CMMC compliance is no easy task, but the biggest challenges for contractors are operational and fiscal, not technical,” said Chris Henderson, CISO at Huntress. “The high cost of legacy FEDRAMP solutions has created a significant affordability gap for tens of thousands of subcontractors across the defense industrial base. We’re tackling this challenge head-on by making CMMC-compliant detection and response accessible to contractors of all sizes. Through our partnership with DEFCERT, we also provide customers with free, assessor-ready documentation, dramatically simplifying the compliance process for the areas we support. By offering these tools and resources, we’re making the path to CMMC compliance more accessible, affordable, and efficient.”

Huntress supports contractors looking to achieve CMMC compliance in two main ways:

• Purpose-built products: Huntress enables contractors with CMMC-compliant detection and response backed by a 24/7 AI-assisted Security Operations Center (SOC), directly supporting 37 of the 110 NIST SP 800-171 requirements. Sensitive Data Mode, the key feature that makes the platform CMMC compliant, blocks security analysts from accessing potential CUI files without compromising their ability to effectively detect and remediate threats. Further, Huntress Managed Identity Threat Detection and Response integrates seamlessly with Microsoft 365, including in Government Community Cloud (GCC) High environments.
• Assessor-ready documentation: In collaboration with DEFCERT, Huntress provides customers with comprehensive, assessor-ready documentation proven to help them pass CMMC Level 2 assessments. This includes a Shared Responsibility Matrix, which outlines the responsibilities of Huntress, the partner, and the end client for meeting specific CMMC objectives, as well as a detailed Operations Plan, which breaks down the individual tasks required for compliance, noting which are one-time or recurring. This saves contractors weeks of planning and days off their assessment by eliminating the need to create documentation from scratch.
  
  

“The path to CMMC certification is notoriously complex and resource-intensive,” said Ryan Bonner, Founder and CEO at DEFCERT. “We partnered with Huntress to co-develop the assessment-ready documentation that contractors desperately need, speeding up the assessment process and helping them save significant time, money, and resources. This efficiency is vital for the entire ecosystem, as it helps the limited number of C3PAOs process more contractors faster and accelerates the nation's effort to secure the defense industrial base and achieve CMMC compliance.”

Recently, a managed service provider successfully achieved CMMC Level 2 certification with Huntress in scope in just nine hours over two days, receiving a perfect score of 110 on their assessment. This effort was guided by Scott Lumpkin, a CMMC Certified Professional (CCP) and Director of Quantum AI Security, LLC, an MSSP firm located in Orlando, FL, that specializes in the FedRAMP environment. Lumpkin shared, “The Huntress implementation and documentation fully met all CMMC and NIST 800-171 expectations. The fact that the client passed their Level 2 assessment with Huntress in scope, and completed it significantly quicker than the typical assessment timeline, demonstrates that Huntress is an effective and efficient solution for any contractor looking to achieve CMMC Level 2 compliance.”

Additional resources:

• Looking to better understand CMMC? Check out this page for a breakdown of the assessment process, key requirements, and everything you need to know.
• Read this blog to learn about the assessor-ready documentation, developed by Huntress in partnership with DEFCERT, and how it can streamline your CMMC compliance efforts.
• Join Huntress and DEFCERT on December 2, 2025, for the webinar “CMMC is Here: What Does it Mean for You” and get expert insights into navigating CMMC compliance.
  
  

About DEFCERT
DEFCERT discovers and delivers new ways for the defense industrial base (DIB) and government contractors to meet their contractual and regulatory obligations for data protection. These efforts include compliance with DFARS safeguarding clauses, implementation of NIST special publications, and future assessment under the Cybersecurity Maturity Model Certification (CMMC).

DEFCERT primarily works with defense contractors, manufacturers, economic development organizations, managed IT service providers, and technology companies offering solutions to the DIB. You can learn more at www.defcert.com or follow us on LinkedIn.

About Huntress
Huntress is a global cybersecurity company on a mission to make enterprise-grade products accessible to all businesses. Purpose-built from the ground up, Huntress' technology is specifically designed to continuously address the unique needs of security and IT teams of all sizes. From Endpoint Detection and Response (EDR) and Identity Threat Detection and Response (ITDR) to Security Information and Event Management (SIEM) tools and Security Awareness Training (SAT), the platform provides targeted protection for endpoints, identities, data, and employees, delivering trusted outcomes and valuable peace of mind.

Its 24/7, AI-assisted Security Operations Center (SOC) is powered by a team of world-renowned engineers, researchers, and security analysts, dedicated to stopping cyber threats before they can cause harm. Huntress is often the first to respond to major hacks and incidents, with its expert security team sharing real-time tradecraft analysis and actionable advisories with the community. Currently safeguarding over 4 million endpoints and 8 million identities, Huntress empowers security teams, IT departments, and Managed Service Providers (MSPs) worldwide to protect their businesses with enterprise-grade security accessible to everyone.

As long as hackers keep hacking, Huntress keeps hunting. Join the hunt at www.huntress.com and follow us on X, Instagram, Facebook, and LinkedIn.

Huntress Contact:
press@huntresslabs.com