Arctic Wolf Product Updates
Learn about new features, updates, and enhancements for Arctic Wolf® products.
April 9, 2026
-
Updated the Microsoft Defender XDR with Graph API sensor to support monitoring for Microsoft Defender for Cloud, Microsoft Defender for Cloud Apps, Microsoft Defender for Endpoint, Microsoft Defender for Identity, and Microsoft Defender for Office 365. Going forward, customers only need to set up a Microsoft Defender XDR with Graph API sensor to monitor their Microsoft Defender services.
For more information, see Configure Microsoft Defender XDR with Graph API for Arctic Wolf monitoring and Microsoft Graph v.1.0 Alerts API Deprecation FAQ.
March 26, 2026
Managed Service Provider (MSP) Portal
- Added the ability for MSPs to generate monthly per customer and MSP aggregate Executive Ticket Summary reports directly from the MSP Portal as well as the ability to generate daily ticket priority insights.
For more information, see Generate customer reports.
March 24, 2026
-
Added the onboarding experience functionality in the Unified Portal. Users can now complete onboarding tasks from the Organization Overview page, such as adding information about the organization's users, sites, and sensors. For more information, see Manage onboarding and setup tasks.
March 17, 2026
-
Added support for CrowdStrike Falcon Identity Protection cloud security monitoring, allowing Arctic Wolf to alert you about identity-based threats.
For more information, see Configure CrowdStrike Falcon Identity Protection for Arctic Wolf monitoring.
-
Added support for Wiz cloud security monitoring, allowing Arctic Wolf to alert you about issues and detections from the Wiz cloud platform.
For more information, see Configure Wiz for Arctic Wolf monitoring.
- Added the option to receive notifications through the Unified Portal, in the
Notifications menu. Notifications remain for 30 days and can be customized using the Notification Preferences page.
For more information, see Configure notification preferences.
February 23, 2026
-
Added the ability to rescan up to 200 assets on the Impacted Assets page.
For more information, see Rescan an asset.
February 18, 2026
-
Added the new Risk Remediation Trends widget, which allows you to view the results of your remediation efforts over a specific time range and compare it with incoming risks.
For more information, see View your risk metrics.
February 17, 2026
- Improved Aurora Security Assistant to answer questions about Arctic Wolf products and services based on the public Arctic Wolf Help Documentation.
For more information, see Aurora Security Assistant.
- Added a Coverage score to the MSP Portal landing page. The score represents the visibility that your environment has through the MDR
For more information, see Table column descriptions and View your coverage score.
February 4, 2026
-
Added the ability to view risks grouped by suggested remediation, for example, the software version to upgrade to or configuration change to apply to resolve risks. Each remediation identifies the number of assets impacted and total number of risks that will be fixed if the remediation is applied. You can export the remediation data into a CSV file, so that you can process, share, or import it into another system
For more information, see Risks table, Risk filters, Export remediation data, and View assets impacted by remediation.
February 3, 2026
-
The end of technical support dates for the Aurora Protect 3.2 and Aurora Focus 3.2 agents have been extended to May 19, 2026. This allows for more time to upgrade from these versions and make sure devices remain protected. For more information, see the Aurora Protect and Aurora Focus software lifecycles.
January 28, 2026
- You can now schedule sensor and scanner updates in the Unified Portal.
For more information, see Sensor upgrades.
January 27, 2026
-
Added visual representations of your Cyber Resilience Index to reports generated for the Cyber Resilience Assessment.
- Added the option to include comments when you generate a report for the Cyber Resilience Assessment.
For more information, see Download a Cyber Resilience Assessment report.
- You can now access the Incident Response (IR) Planner directly in the Unified Portal. For more information, see Incident Response Planner.
-
Added the ability to integrate your ITSM solution with the Unified Portal, which allows you to create tickets for risks and track risk remediation.
For more information, see Integrate your ITSM solution with the Unified Portal, Create an ITSM ticket for the risks in your organization, Risks table, and View risk details.
- Added two new widgets for metrics about the risks in your environment. The Top Risks by Asset Category widget allows you to view the number of risks your environment has in the top eight risk categories, with the most critical risks listed first, followed by high, medium, and then low. The Latest Security Bulletins widget lists the five most recent Arctic Wolf Research team Security Bulletins about Common Vulnerabilities and Exposures (CVEs) that are present in your environment. This helps you to improve your understanding of which assets are impacted by the CVEs and prioritize remediation efforts.
For more information, see View your risk metrics.
-
Added saved filters to the Risks page. You can now view, save, edit, apply, and delete custom filter sets. This makes it easier for you to view data with filters applied that you regularly use, and saves you time with administrative tasks.
For more information, see Risk filters.
-
Added the ability to rescan an asset outside of a scan schedule. This allows you to verify changes made to an asset without waiting for the next scan window to complete.
For more information, see Rescan an asset.
Managed Security Awareness® (MA)
- Added the the ability for Managed Security Awareness (MA) Plus customers to customize phishing simulation emails. Administrators can customize the phishing simulation emails by creating their own template or duplicating and then modifying an existing Managed Program template.
For more information, see Customize Phishing Simulation Email Template Content.
- Added the ability for Managed Security Awareness® (MA) administrators to customize program emails with Header and Footer fields. Administrators can now add custom branding text to QuickStart and awareness sessions, User Status Report emails, and User Compliance Status report emails to enable Private Labeling.
For more information, see Customize MA emails using private labeling.
- Added a granular enable or disable toggle to manage User Status Reports sent from the Incomplete Session Manager for Awareness and Compliance. This provides additional control of the frequency of the User Status Report notifications for MA users.
For more information, see Enable or disable phishing simulation emails.
MDR | Syslog forwarding
- Added support for Juniper next-generation firewall (NGFW) security monitoring, allowing Arctic Wolf to alert you about suspicious firewall activity.
For more information, see Configure Juniper NGFW to send logs to Arctic Wolf.
-
Added the Security Investigations page under the Tickets & Alerts section of the navigation menu. This page allows you to view details for ticketed or closed investigations, including the investigation timeline of actions taken.
For more information, see Security Investigations.
January 8, 2026
- Added a notifications feature to the MSP Portal. To view announcements about new features and enhancements, click
Notifications.
- Added Engagement Type and IR Plan Status columns to the home page.
For more information, see View customer organizations.
- Added tooltips for abbreviated subscription names in the Subscriptions column. To view the full name of a subscription, hover over an abbreviation.