Arctic Wolf
 
 
 

A Message from Brian NeSmith to Our Valued Customers

 starred-icon.png

As we approach the end of 2020, a year unlike any other in our lifetimes, it's that time to give thanks for all the good things that we've experienced since January.

While we humbly recognize that not all business have been as fortunate, Arctic Wolf is grateful for our continued success. It's all made possible by the hard work and dedication of our growing team, our partners, and most importantly, by the relationships we've developed with customers like you.
 
A color photograph of Arctic Wolf Executive Chairman Brian NeSmith.
 
Company Updates
The state outline of Minnesota filled in with two shades of orange with a blue and black background.
 
Home Sweet Home
 
We’ve moved our headquarters from Silicon Valley to our Eden Prairie, MN office. This is where most of our employees—including our sales and marketing teams—were already based. We’re excited to plant our flag here, and further tap into the abundant talent the Minneapolis-St. Paul area has to offer. And it’s a convenient flight to and from our other offices stretching across both coasts. We hope you’ll visit sometime.
 

Updates To Our Master Solutions Agreement (MSA)

The Master Solutions Agreement (MSA) is an agreement between you and Arctic Wolf that governs your use of Arctic Wolf’s solutions. It includes, by reference, our Solutions Terms. The updates to the MSA and Solutions Terms will take effect in accordance with the current terms governing your existing subscription.

If you continue to use our solutions on or after their effective date, or such other date set forth in your agreement with us, you're agreeing to the updated terms. To see all of the changes, please read the full Master Solutions Agreement.

Updates:
  • We've updated our notice address.
  • We've updated our MSA to make the added features and functionalities to our Solutions available to you.
  • Our Managed Detection and Response Solutions Terms and our Managed Risk Solution Terms have changed to address the exciting features and functionalities that have been added to these Solutions.
  • Throughout the MSA, we've made changes to improve clarity and address grammar, typos, terminology, definitions, and other similar issues.

If you have any questions about the changes we have made to the MSA, please feel free to contact your Customer Service Manager or legal at legal@arcticwolf.com.

Thank you for being part of the Arctic Wolf Pack!
 
Operational Updates

Managed Risk

We’ve made some exciting enhancements to the Managed Risk Dashboard, improving the performance and look and feel of the user interface and introducing a more efficient way to end cyber risk through Risk Management Plans.

Updates:
  • Risk Management Plans | Enable organizations to more efficiently manage, prioritize, and eliminate risk by grouping similar risks together and build workback schedules for remediation with clear timelines.
  • Actions List | IT teams can quickly view critical risks from a single view based on risk severity and business impact and directly add to a risk management plan to prioritize remediation.
  • Managed Risk Dashboard UI Enhancements | Faster performance, a new look and feel, better organization and filtering of risks—adding greater context to risks through the actions list and risk management plans.

Here’s a quick video that captures these enhancements.

Managed Detection & Response

Over the past five months, we released significant new detection capabilities, reports, and actionable alerts to support you wherever you are located. New features designed to protect employees while working from home was a major part of our focus.

Beginning in August, you were able to receive new alerts based on malicious endpoint activity observed by Arctic Wolf Agent and Sysmon telemetry.

These features are used to detect:
  • Malicious usage of penetration testing tools: PowerShell Empire, Mimikats, and BloodHound
  • Suspicious parent-child process relationships
  • Data exfiltration using the diskshadow executable and shadow copy
  • Malicious files based on lookups of executable image hashes
  • Suspicious activity recorded in Windows Event Log

We accelerated support for the security tools commonly used to protect remote workers. Recent product integrations include:

  • Endpoint detection and response (EDR) tools from: Microsoft, CrowdStrike, and
  • Multi-factor authentication applications: Cisco Duo and Okta

New This Month

We recently announced support for SentinelOne EDR and Mimecast email security gateway. Mimecast is our first API-based email integration.

Customers using our Mimecsast integration will receive additional protection from phishing, ransomware, malware, and impersonation attacks. Support for Carbon Black EDR will be released soon.

Please ask your CSM for information about our integrations and let us know which other products you’re running to collect security data from your environment to help inform our roadmap.

Agent Product Announcement

This update applies to all customers running Arctic Wolf Agent.

Arctic Wolf Agent will be updated beginning on Thursday, November 19, 2020. All devices running the Agent and connected to the internet will be updated automatically over the next few weeks to version 2020-11_02. This update does not include any changes visible to end users or to administrators.

What's new in this update?
  • Improved vulnerability scanning for Managed Risk customers 
  • Fixed issue with Netstat connection check so that it no longer produces zombie netstat processes
  • Fixed multiple bugs

How can I check the Agent versions of my endpoints?

In the Customer Portal, you can view your list of endpoints. Clicking "Export" generates a CSV of all of your Agents. This includes the Agent Version column, which you can verify against.

*Note: You can only see the Agent version in the downloaded CSV rather than on the list of endpoints on the Customer Portal.

How can I manually update my Agent to version 2020-11_02?

  1. Download the Agent file(s) from the Customer Portal.
  2. Click here to follow the Agent installation guides to install on Windows, Mac, or Linux.

Please contact security@arcticwolf.com if you need assistance.
Arctic Wolf Resources | On-Demand
Webinars
A photograph of a pack of wolves with a blue and purple overlay.
 
Hunting with the Pack
 
» The Arctic Wolf threat hunting approach
» Finding web shells
» Hunting for credential theft
» Network anomalies
» What happens when we find a threat
 
 
A top-down photograph of a person typing on a laptop with a blue and purple overlay.
 
Playing by the CRulEs
 
» What are the CRulEs
» How they are created and refined
» Unique applications
» Review example rules
» How we use these rules
 
Arctic Wolf
Security Wins 
Arctic Wolf Saves the Day in the Middle of the Night for Large Manufacturer
Bad actors don't play by the rules, don't take time off, and they do not keep normal business hours. In fact, the 2020 Arctic Wolf Security Report found that 35 percent of incidents happen after hours. That's why year-round, 24x7 coverage is essential to businesses of all sizes.

Read our feature Security Wins article article and see how within three minutes of an incident being detected, Arctic Wolf notified the customer to immediately remove the system from the network and block the malicious IP address on all firewalls.  

Leave A Review
A black and white photograph of a man holding a briefcase of money with hundred dollar bills flying through the air.
CONTEST
 
Enter for your chance to win a $25 e-Gift card!
 
The Arctic Wolf Pack needs your help creating a name for this brand new quarterly newsletter. What headline would capture your attention? Get creative and submit your ideas!

Deadline to submit is Friday, December 20.