Incident Response Contact During a Cybersecurity Incident

Updated Dec 14, 2023

Incident Response contact

If you experience a cybersecurity incident and have the Incident Response (IR) Retainer, you can report the incident to Arctic Wolf® for assistance. See IR JumpStart Retainer for more information.

Note: If you are an existing Managed Detection and Response (MDR) customer and want to check if you are eligible for IR JumpStart Retainer, contact your Concierge Security® Team (CST) at

Contact Arctic Wolf during a cybersecurity incident

How Arctic Wolf responds to a cybersecurity incident report

After an organization reports a cybersecurity incident to Arctic Wolf:

  1. The Arctic Wolf Security Services team investigates the incident and determines if it should be escalated to the Arctic Wolf IR team (formerly Tetra Defense).

  2. If the cybersecurity incident qualifies, a member of the IR team contacts you to schedule a free scoping call. During this call, Arctic Wolf:

    • Reviews your incident.
    • Prepares a statement of work (SOW).
  3. If you sign the SOW, the team works with you to remediate the security incident.

  4. If you are enrolled in the Security Operations Warranty program, see Creating Arctic Wolf Security Operations Warranty Claims for instructions to make a cybersecurity event claim.