Arctic Wolf Labs
Enriching the Arctic Wolf Aurora Platform
Arctic Wolf Labs brings together elite security researchers, data scientists, and security development engineers together to help end cyber risk for organizations around the globe.
Leveraging trillions of security events the Arctic Wolf Security Operations Cloud ingests, parses, enriches, and analyzes each week.
Delivers cutting-edge threat intelligence and security research on new and emerging adversaries
New detection developments for sophisticated threats and zero-days vulnerabilities.
Develops advanced threat detection models aided by machine learning and artificial intelligence
Scalable and effective threat hunting by using both human analysis and automations to provide actionable insights.
Drives continuous improvement in the speed, scale, and detection efficacy of Arctic Wolf solutions
Augment our solutions with Security Analytics and Machine Learning (ML) developments.
Capabilities
Expertise
Publications by Arctic Wolf Labs covering Artificial Intelligence (AI) security applications
Patents covering cybersecurity methods for various communication systems, big-data, machine learning applications
Committee engagements including: NIST, TMLS, DEFCON, aggregate intellect
Publications on machine and deep learning, quantum mechanics, mathematics, and game theory
SOC BENCH is a benchmark created by Arctic Wolf to measure how well AI performs real-world Security Operations Center (SOC) tasks.
As AI adoption accelerates, security teams need a clear, repeatable way to evaluate AI beyond hype. SOC BENCH provides an objective, practitioner-focused standard inspired by AI benchmarks used in other fields.
SOC BENCH is being refined with input from researchers and practitioners. You can explore the benchmark, follow updates, or join the consortium through the resources below.
Why SOC BENCH Matters
Arctic Wolf Launches SOC BENCH
Be Part of the Benchmark Revolution
REPORT AVAILABLE!
2025 Arctic Wolf Labs Threat Report
Arctic Wolf Labs Threat Intelligence Research
Dropping Elephant APT Group Targets Turkish Defense Industry With New Campaign and Capabilities: LOLBAS, VLC Player, and Encrypted Shellcode
Console Chaos: A Campaign Targeting Publicly Exposed Management Interfaces on Fortinet FortiGate Firewalls
Strengthen Your Security Posture
with Arctic Wolf Labs
Detections
- Create detections that scan and identify assets with vulnerable and out of date software and/or operating systems
- Help prioritize which assets should be patched first by leveraging relevant customer contexts and Arctic Wolf Labs threat intelligence
- vxIntel by Arctic Wolf - Malware intelligence platform enhances threat detection capabilities
- Explore our tools:
- Log4j (Log4Shell) Deep Scan Tool
- Spring4Shell Deep Scan Tool
- Automated benchmarks highlight risky configurations that can be exploited on a range of asset types and operating systems
- Increased visibility into your public cloud resources, including AWS, GCP, and Azure, to reduce risk of misconfiguration through Cloud Security Posture Management
- Major contributors to the Security Automation Protocol (SCAP) and Open Vulnerability Assessment Language (OVAL) working groups to enhance and increase adoption of a standard vulnerability definition language as leveraged by Arctic Wolf JOVAL engine
- Regularly provide patches and vulnerability insights as part of the Microsoft Patch Tuesday OVALs
- Provide open source-developed scanning tools in response to key major security events
Security Bulletins
On November 19, 2025, Salesforce announced an investigation into unusual activity involving applications published by Gainsight, a company that provides customer success software integrated
On November 13, 2025, open source reporting began detailing active exploitation of a silently patched Fortinet FortiWeb vulnerability. The flaw is a path traversal
On November 11, 2025, Microsoft released its November 2025 security update, addressing 63 newly disclosed vulnerabilities. Arctic Wolf has highlighted
