Managed Detection and Response

Arctic Wolf® Managed Detection and Response (MDR) provides 24×7 monitoring to help you detect, respond to, and recover from cyber attacks. Security telemetry is collected from internal and external networks, endpoints, and cloud environments. This data is then enhanced by threat feeds, open-source intelligence (OSINT) data, Common Vulnerabilities and Exposures (CVE) information, account takeover data, and more. Your Concierge Security® Team (CST) uses this data to provide context to the incidents that they investigate and triage.

The MDR license includes Arctic Wolf Agent and Active Response. Agent provides endpoint intelligence and enhanced threat detection and response capabilities to inform your security posture.

Your CST is your single point of contact for your MDR solution. They provide you with:

  • 24×7 security monitoring across all systems.
  • Standard and customized alerting.
  • Standard and customized reporting.
  • Compliance and audit support.

MDR can gather information from your environment from these telemetry sources:

  • Arctic Wolf Sensors — External network devices that perform passive network inspection and collect security-relevant data for analysis. You can deploy one or more physical or virtual sensors to monitor events in your network and identify potential threats. For more information, see Arctic Wolf Sensors.
  • Cloud sensors and log forwarding — Integrations for log forwarding from cloud sources and other syslog sources. Arctic Wolf can ingest logs from a wide array of log sources, but may not have rulesets or parsing available for all sources. For more information, see Supported integrations for log forwarding.
  • Arctic Wolf Agent — An endpoint security management tool that forwards security-relevant event and audit logs from endpoint devices in your network to Arctic Wolf to support continuous threat monitoring. For more information, see Arctic Wolf Agent.
  • Aurora Endpoint Security — A unified endpoint security solution that consolidates AI-driven tools to detect, protect against, and remediate threats on every endpoint. For more information, see What is Aurora Endpoint Security?

Learn more about MDR

Allow Arctic Wolf to take response actions

Allow Arctic Wolf to respond to potential threats in your network.

Monitor Active Directory

Enable security monitoring for Active Directory (AD).

Monitor cloud services

Enable security monitoring for cloud application services.

View log data

Search logs forwarded to Arctic Wolf from systems in your environment.