The best security outcomes come from the intersection of security expertise and the ability to act based on risk levels. At Arctic Wolf, we are laser focused on security outcomes for the security leaders and teams across our solutions — Arctic Wolf ® Managed Detection and Response (MDR), Aurora™ Endpoint Security, Arctic Wolf Managed Risk, Arctic Wolf Managed Security Awareness ®, Arctic Wolf Incident Response, as well as risk transfer with the Arctic Wolf Security Operations Warranty. To assist security leaders and their teams to work smarter, not harder, we are proud to introduce Cipher, Arctic Wolf’s GenAI security assistant (driven by Anthropic Claude and Amazon Bedrock). Cipher increases the ROI of utilising Arctic Wolf while increasing the efficiency of security teams.
Cipher delivers deeper security expertise instantly with self-guided access to powerful data within the Arctic Wolf Aurora Platform. You gain a better understanding of your alerts and next steps during investigations increasing the ROI of Arctic Wolf and the value of our solutions for security leaders. Cipher gives your team a clearer understanding of threat activity and severity along with alert summarisation and visualisations for easier comprehension and action.
To provide a clearer understanding of your alerts and next steps during investigations, Cipher offers your security team a GenAI window to ask questions and gain more context about security and your organisation’s environment.
For example, your team may want to understand threat context using MITRE ATT&CK or the Lockheed Martin Kill Chain. Cipher will pull that information for your team quickly. If your security team wants extra assistance when reviewing alerts, Cipher saves time by giving a summary with a level of detail most comfortable to the user of a given alert and provides subsequent guidance to make your team smarter and nimbler. Cipher increases your team’s confidence when reviewing alerts by being able to easily pull in additional context to help make decisions on next steps.
How Does Cipher Work?
Let’s discuss Cipher’s capabilities in more detail. Here is a list of the initial Cipher skills at the beginning of our opt-in beta:
- Classification: MITRE ATT&CK
- Classification: Open Cybersecurity Schema Framework (OCSF)
- Classification: Lockheed Martin Kill Chain
- Enrichment: Task/Case Summary
- Enrichment: CVE Explainer
- Enrichment: KB Explainer
- Data Explorer: Dashboards and Reports (must have purchased Data Explorer SKU for access)
Specifically, our classification threat skills help security teams consistently understand threat severity, threat context, and response priorities with MITRE ATT&CK, Lockheed Martin Kill Chain, and Open Cybersecurity Schema Framework (OCSF). Cipher enrichment skills enable an easy-to-understand summary of alerts to reduce investigation time by reviewing risk level and case details before your security team acts. Finally, Cipher offers a self-service method for faster answers with custom views of your security data through plain language-built dashboards and reports.
Cipher Walk Through
As an opted-in Cipher beta customer, when you log into the Arctic Wolf Unified Portal, you will see Cipher appear as a window. See the screenshot below.
To begin, you can ask Cipher how it can help, and it will remind you about the skills that are currently available, as shown below.
Let’s say you are interested in a deeper understanding of an alert. In this example, the alert is about a potential Microsoft multi-factor authentication (MFA) fatigue attack. You can ask Cipher to show you other login activity from this user to troubleshoot the behaviour (seen in the screenshot below). If you are a Data Explorer customer, Cipher will respond with a link to a visual of the user activity in question.
Finally, let’s say you are reviewing alerts, and you want additional information on CVE 2025-26663. Just ask Cipher and it will provide you with enriched context for the CVE. In the screenshot below, you can see that Cipher pulled in a description, severity, attack vector, attack complexity, and more to help you gain a deeper understanding of the vulnerability and how it applies to your attack surface.
Cipher Available Now in Beta
Cipher delivers deeper security expertise instantly with self-guided access to powerful data within the Arctic Wolf Aurora Platform. It helps your security teams better understand their alerts and next steps during investigations for faster actions and better ROI. Cipher provides a clearer understanding of threat activity along alert summarisations and visualisations for easier comprehension and action.
If you are an Arctic Wolf customer, help shape the future of how AI is delivered through the Cipher beta. Cipher will be available to customers during a beta alongside our presence at RSAC in San Francisco. You can learn more at our RSA booth or through our press release.
We welcome feedback to ensure this LLM-based application is delivering value. Provide us feedback in Cipher so we can ensure your security team is gaining more value.
Learn more about Cipher and Arctic Wolf Alpha AI.
