Arctic Wolf bolsters Security Operations Platform

Arctic Wolf has announced the addition of identity threat detection and response (ITDR) enhancements to Arctic Wolf Managed Detection and Response (MDR), enabling businesses to further fortify their environments against evolving threats with new active response capabilities and integrations for Microsoft Defender for Identity and Okta.

  • 6 months ago Posted in

As threat actors continue to target identity infrastructure with account compromise tactics such as credential stuffing, the ability to swiftly contain and mitigate identity risks at scale is critical in defending crucial data assets and protecting users. In 2023, 39% of incidents investigated by Arctic Wolf Incident Response were initiated via external remote access using compromised, legitimate credentials, underscoring the importance of ITDR capabilities as a core function of security operations, as opposed to a standalone XDR, SIEM, or SOAR solution. “Identity threat detection and response (ITDR) is emerging as a security operations center (SOC) function focus while IAM teams grapple with new tools to address enhancing detection of identity misuse,” according to Gartner® Research.1

The Arctic Wolf Platform updates include:

Active Response for Identity: New capabilities enable immediate action against threats in identity infrastructure, leveraging response actions to quickly disable impacted user accounts, revoking access to potentially sensitive information or systems and reducing risk for organizations.

Microsoft Defender for Identity Integration: New integration with Microsoft Defender for Identity to protect user identities and reduce attack surfaces, increasing visibility into identity infrastructure for earlier detection of identity-based attacks, including Business Email Compromise (BEC).

Okta Impossible Travel Detection: Expanded detection capabilities for the existing Okta integration that will enhance cross-attack surface coverage with detection of compromised accounts using indicators of compromise (IOC) based on velocity alerts from Okta.

“As adversaries increase the use of identity-based attacks, the ability to integrate robust ITDR capabilities into security operations is critical in building business resilience, as containment and mitigation extends beyond the endpoint alone,” said Dan Schiappa, chief product and service officer, Arctic Wolf. “Effective cybersecurity hinges on detecting and remediating threats as quickly as possible. These new capabilities allow us to narrow the detection gap and minimize impact, effectively extinguishing and restricting adversarial account access more completely. As we continue to innovate on our world-class security operations platform, we are excited to continue to deliver on the security outcomes and resilience that have long been promised, yet underdelivered, by the security market at large.”

Through its cloud-native, AI-driven platform, Arctic Wolf empowers organizations of almost any size to achieve security operations at the push of a button. Through hundreds of security and technology integrations available to customers today, the Arctic Wolf Security Operations Cloud ingests, parses, enriches, and analyzes more than 5.5 trillion security events per week from a global base of over 5,700 customers.

Predictive maintenance and forecasting for security and failures will be a growing area for MSPs...
Venafi has published the findings of its latest research report: The Impact of Machine Identities...
Arctic Wolf to enhance its Security Operations Aurora Platform with best-in-class endpoint...
Nearly 50% of organisations have experienced a security breach in the last two years.
New study by Splunk shows that a significant number of UK CISOs are stressed, tired, and aren’t...
HP Wolf Security Study highlights cybersecurity challenges facing organizations across the...
Internal test shows estimated scanning speeds of 75,000 backups within 60 seconds.
Deployment allows Korea Hydro and Nuclear Plant (KHNP) to leverage quantum-safe MACsec technology...