Arctic Wolf bolsters Security Operations Platform

Arctic Wolf has announced the addition of identity threat detection and response (ITDR) enhancements to Arctic Wolf Managed Detection and Response (MDR), enabling businesses to further fortify their environments against evolving threats with new active response capabilities and integrations for Microsoft Defender for Identity and Okta.

  • Friday, 14th June 2024 Posted 2 years ago in by Phil Alsop

As threat actors continue to target identity infrastructure with account compromise tactics such as credential stuffing, the ability to swiftly contain and mitigate identity risks at scale is critical in defending crucial data assets and protecting users. In 2023, 39% of incidents investigated by Arctic Wolf Incident Response were initiated via external remote access using compromised, legitimate credentials, underscoring the importance of ITDR capabilities as a core function of security operations, as opposed to a standalone XDR, SIEM, or SOAR solution. “Identity threat detection and response (ITDR) is emerging as a security operations center (SOC) function focus while IAM teams grapple with new tools to address enhancing detection of identity misuse,” according to Gartner® Research.1

The Arctic Wolf Platform updates include:

Active Response for Identity: New capabilities enable immediate action against threats in identity infrastructure, leveraging response actions to quickly disable impacted user accounts, revoking access to potentially sensitive information or systems and reducing risk for organizations.

Microsoft Defender for Identity Integration: New integration with Microsoft Defender for Identity to protect user identities and reduce attack surfaces, increasing visibility into identity infrastructure for earlier detection of identity-based attacks, including Business Email Compromise (BEC).

Okta Impossible Travel Detection: Expanded detection capabilities for the existing Okta integration that will enhance cross-attack surface coverage with detection of compromised accounts using indicators of compromise (IOC) based on velocity alerts from Okta.

“As adversaries increase the use of identity-based attacks, the ability to integrate robust ITDR capabilities into security operations is critical in building business resilience, as containment and mitigation extends beyond the endpoint alone,” said Dan Schiappa, chief product and service officer, Arctic Wolf. “Effective cybersecurity hinges on detecting and remediating threats as quickly as possible. These new capabilities allow us to narrow the detection gap and minimize impact, effectively extinguishing and restricting adversarial account access more completely. As we continue to innovate on our world-class security operations platform, we are excited to continue to deliver on the security outcomes and resilience that have long been promised, yet underdelivered, by the security market at large.”

Through its cloud-native, AI-driven platform, Arctic Wolf empowers organizations of almost any size to achieve security operations at the push of a button. Through hundreds of security and technology integrations available to customers today, the Arctic Wolf Security Operations Cloud ingests, parses, enriches, and analyzes more than 5.5 trillion security events per week from a global base of over 5,700 customers.

Toby Weiss steps in as CEO of Securonix, aiming to enhance security operations amid evolving threats.
Exploring the shortcomings in AI governance and the potential avenues for managed service providers to bridge the gap between confidence and control.
AI adoption in workplaces is accelerating but employees lag in readiness, revealing a pressing need for strategic skill development.
Westcon-Comstor appoints Olya Scekaturova to lead sales growth across UK and Ireland.
Cynomi’s “What MSPs Are Actually Asking About AI” report reveals the real questions shaping the managed services landscape, from data security...
As cyber threats escalate, SEP2's approach aims to offer a specialist partnership to strengthen organisations across regulated sectors with Check...
According to research conducted by Cohesity in partnership with OnePoll, UK CEOs anticipate quick recovery from cyberattacks but lack clarity on...
Cynomi has introduced new integrations, automated scanning capabilities, a centralised document repository, and enhanced AI features aimed at...