FAQ
MANAGED DETECTION AND RESPONSE
GENERAL
What is Managed Detection and Response?
Arctic Wolf Managed Detection and Response solution is delivered by the Arctic Wolf Concierge Security Team, built on the foundation of the industry’s only cloud native platform to deliver security operations as a concierge service. It provides 24×7 monitoring of your networks, endpoints, and cloud environments, along with a managed approach to detection, response, and recovery from modern cyber threats through managed triage and concierge services – guiding you along every step of your security journey.
How is pricing determined?
Arctic Wolf MDR takes a more predictable and understandable approach to providing you with security operations coverage. Unlike alternatives that charge based on event or log volume or license capabilities separately, foundational technologies such as endpoint agents, unlimited log retention and search and external network scanning are included as part of the core MDR offering. The MDR approach is to provide coverage across your attack surface based on number of users, servers, and internet egress points – providing coverage that grows along with you as your organisation grows.
What do I need to install to get started?
Security operations experts from your Concierge Security Team (CST) are paired with you to get you up and running quickly with the Arctic Wolf MDR service. Your CST works with you to learn your network topology, configure and deploy Arctic Wolf Sensors, Arctic Wolf Agents, and cloud connectors to monitor your cloud environment. Your CST also works with you to configure your external scans, alert thresholds, country allowlisting, and more to customise the service directly to your environment.
DETECT
What log sources can Arctic Wolf monitor?
Arctic Wolf works with your existing IT and security infrastructure to monitor information from a growing number of available log sources across: Active Directory, Authentication, Endpoint, Firewalls, IDS/IPS, Mail Servers, SaaS/IaaS, SSL-VPN, UTM, WAP, Web Gateways, and more.
Can I customise what Arctic Wolf monitors?
Yes. Your security operations expert from the Concierge Security Team works directly with you to tailor your service to your specific needs, in addition to the included out-of-the-box detection capabilities. Alerts can be tuned based on threshold, criticality, and several other factors with your CST based on the unique needs of your organisation.
RESPOND
What happens when Arctic Wolf finds suspicious activity in my log data?
Can I customise how events are triaged?
How does Arctic Wolf minimise false positives?
The Arctic Wolf Platform collects, enriches, and analyses data from a broad array of sources across your networks, endpoints, and cloud environments. Leveraging several detection engines, various sources of threat intelligence, and machine learning, this broad dataset is further analysed to identify suspicious activity to raise incidents that are further investigated by your security operations expert to eliminate false positives.
Can Arctic Wolf help me contain threats?
RECOVER
How does Arctic Wolf proactively mitigate security incidents?
Due to significant alert fatigue produced by the multitude of security products, IT teams often find themselves stuck in a reactive state of responding to threats with no time to be strategic. The Concierge Security Team (CST) is your single point of contact for your Arctic Wolf Managed Detection and Response solution and serves as your trusted security operations expert, helping you to proactively mitigate security incidents through:
- 24×7 monitoring
- Alert triage and prioritisation
- Custom protection rules
- Guided remediation
- Detailed reporting and audit support
- Ongoing strategic security reviews