IR Retainer and IR Jumpstart Retainer Services

Updated Aug 29, 2023

Arctic Wolf Incident Response

This guide provides an overview of the Arctic Wolf® Incident Response (IR) Retainer and IR JumpStart Retainer services and how to contact Arctic Wolf when your organization experiences a cybersecurity incident.

Arctic Wolf IR services enable organizations to quickly respond and recover from cyberattacks. During a cyberattack, a dedicated team of cybersecurity incident response experts work with your organization to:

The IR Retainer is available to eligible Arctic Wolf customers who have enrolled in this service and who meet all of the following criteria:

Note: If you are an existing MDR customer and want to see if you are eligible to opt in to the IR Retainer, contact your Customer Success Manager.

Like the IR Retainer, the IR JumpStart Retainer also guarantees access to cybersecurity incident response experts during a cyberattack. However, the IR JumpStart Retainer provides additional benefits:

Contact Arctic Wolf during a cybersecurity incident

How Arctic Wolf responds to a cybersecurity incident report

After an organization reports a cybersecurity incident to Arctic Wolf:

  1. The Arctic Wolf Security Services team investigates the incident and determines if it should be escalated to the Arctic Wolf IR team (formerly Tetra Defense).

  2. If the cybersecurity incident qualifies, a member of the IR team contacts you to schedule a free scoping call. During this call, Arctic Wolf:

    • Reviews your incident.
    • Prepares a Statement of Work (SOW).
  3. If you choose to work with Arctic Wolf by signing the SOW, the team works with you to remediate the security incident.

  4. If you are enrolled in the Security Operations Warranty program, see Creating Arctic Wolf Security Operations Warranty Claims for instructions on making a cybersecurity event claim.