FAQ
Cloud Detection and Response
GENERAL
What is Cloud Detection and Response?
The Arctic Wolf Cloud Detection and Response solution provides 24×7 monitoring of your Infrastructure as a Service (IaaS) and Software as a Service (SaaS) platforms, giving you awareness of risks, misconfigurations, and threats across your cloud environments. Arctic Wolf Cloud Detection and Response is delivered by the Arctic Wolf Concierge Security Team and built on the foundation of the industry’s leading cloud-native platform.
How does Cloud Detection and Response integrate with other Arctic Wolf security operations solutions?
Cloud Detection and Response is built atop the same Arctic Wolf Platform and delivered by the same Concierge Security Team as all Arctic Wolf security operations solutions, providing seamless security integration. Cloud risks are visible alongside on-premises risks in the Managed Risk portal, and threats and attacks are detected by the same Concierge Security Team. This integration allows for more effective security operations: it detects attackers that move back and forth between cloud and on-premises systems, and prioritizes the most serious risks regardless of location.
IDENTIFY
Can Cloud Detection and Response detect unauthorized cloud applications?
Yes. Through its integration with Arctic Wolf Managed Detection and Response, Cloud Detection and Response can identify unauthorized cloud applications, or “shadow IT”, allowing organizations to mitigate the risk of data breach or loss associated with such services.
MONITOR
Can Arctic Wolf monitor for security issues in my cloud infrastructure? If so, what sources can you ingest?
Yes. Cloud Detection and Response monitors for security issues in IaaS platforms and performs inventory reporting, environment benchmarking, and remediation recommendations. This monitoring allows Arctic Wolf to discover cloud risks and detect suspicious behavior. Cloud Detection and Response integrates with major IaaS platforms, including AWS and Azure.
Can Arctic Wolf monitor for security issues in my SaaS applications? If so, which sources can you ingest?
Yes. Cloud Detection and Response can detect key SaaS indicators of compromise, including suspicious logins or administrative activity, and malicious integrations. These alerts allow Arctic Wolf to detect serious attacks such as business email compromise, data breach, and more. Cloud Detection and Response integrates with major SaaS platforms including Office 365, G Suite, Salesforce, and Box.
SIMPLIFY
Is Cloud Detection and Response a security product or service?
Cloud Detection and Response is a security operations solution, meaning it is a service delivered by our Concierge Security Team. Unlike security products, which often require extensive training and setup as well as ongoing maintenance and monitoring, Cloud Detection and Response simplifies cloud security by providing actionable outcomes from security operations experts.
What is required to deploy Cloud Detection and Response?
Cloud Detection and Response is simple and easy to deploy. Once the solution is scoped and purchased, Arctic Wolf will collect the necessary cloud credentials through our secure portal. Then our security operations experts will activate and configure the service and begin monitoring.
What happens if an issue is identified in my cloud infrastructure or applications?
If an issue is identified in your cloud environment, your Concierge Security Team will verify the issue and alert you according to your previously determined escalation policy. This can include ticketing, emails, or emergency phone calls. The Concierge Security Team will manage the end-to-end workflow of detection and response, and then provide remediation and validation guidance to ensure the issue is resolved.