DATA SECURITY

Arctic Wolf Selects AWS to Power Global Cybersecurity Offering at Scale

Arctic Wolf | September 03, 2021

Amazon Web Services, Inc.  an Amazon.com, Inc. company announced that Arctic Wolf Networks has selected AWS as its primary cloud provider to power the company’s innovative, cloud-native security operations platform. Arctic Wolf is one of the leading cybersecurity technology innovators in the world. The company provides turnkey, managed threat detection and response, risk management, cloud monitoring, and security training and awareness services to organizations. The company’s hybrid approach to security combines the scale, speed, and processing power of cloud-based automation with the experience of trained security experts to transform how organizations protect themselves. Using AWS’s unmatched portfolio of cloud capabilities, including containers, serverless, analytics, database, compute, and storage, Arctic Wolf can cost-effectively process more than 1.4 trillion unique security events a week from its global and fast-growing customer base. In addition, Arctic Wolf plans to leverage AWS’s proven global infrastructure to continue to expand its operations across Europe, the Asia-Pacific region, and beyond.

Under the traditional cybersecurity model, companies typically relegate security to IT teams that rely on disparate technology solutions in an attempt to keep up with rapidly evolving threats. These systems can flood IT teams with security notifications, making it hard to differentiate between meaningful threats and noise and leaving organizations vulnerable to attack. In contrast, Arctic Wolf’s approach uses AWS to power and deliver its cloud-native Arctic Wolf Platform, which is remotely managed by Arctic Wolf’s “Concierge Security Team” (CST) in the cloud. The platform collects, enriches, and analyzes security data at scale and flags the CST when a potential threat requires additional scrutiny. The CST, in turn, alerts a customer only after they have validated a security incident and can provide recommended response options. In July 2021, Arctic Wolf used AWS to process and analyze more than 200 billion security events per day, including threats such as viruses, ransomware attacks, and compromised websites.

Arctic Wolf uses the breadth and depth of AWS services to elastically scale their offerings and meet global customer demand with low latency. The company typically runs more than 60,000 containers on Amazon Elastic Container Service (Amazon ECS) and Amazon Elastic Kubernetes Service (Amazon EKS) to provide its detection services. AWS Auto Scaling provides the elasticity and availability required to handle peak loads and events such as zero-day security incidents that often affect multiple customers over different geographical regions. When Arctic Wolf registers a security observation as suspicious activity, their CST leverages AWS Lambda (AWS’s serverless compute service that lets customers run code without provisioning or managing servers) to trigger further automated analysis, review the findings, and validate threats before escalating to the customer. The company also uses AWS’s managed database services, including Amazon DynamoDB and Amazon Relational Database Service (Amazon RDS), to process security observation data at scale, looking for outliers or unexpected patterns of activity that could indicate potential threats. Arctic Wolf then automatically references that data against historical activity and serves the analysis to their CST to evaluate in the context of emerging threats.
“As repeatedly demonstrated by recent ransomware incidents, the digital threat landscape continues to evolve, with attack surfaces that include consumer devices and public infrastructure that connects to corporate networks. Organizations and consumers alike feel the impact when data and personal information falls into the wrong hands, yet businesses can easily become overwhelmed trying to manage security alerts on their own. Arctic Wolf combines the best of technology and human intelligence to help our customers stay ahead of threats. Our hybrid security approach powered by AWS is enabling more organizations around the world to innovate with the confidence that their systems and data are secure,” said Nick Schneider, CEO, Arctic Wolf. “AWS’s proven performance and security, global reach, and breadth of services, as well as the agility we gain by running in the cloud, are critical to achieving our mission to end cyber risk. The Arctic Wolf Platform was born in the cloud, and we look forward to continuing our work with AWS as a customer and a partner to help organizations across industries protect themselves and those they serve.”

Moving forward, Arctic Wolf will use AWS’s proven global infrastructure to expand their managed services quickly and cost effectively. Running on AWS, Arctic Wolf can replicate its IT architecture in additional AWS Regions in a matter of weeks rather than construct new data centers. The company recently announced plans to launch their first European security operations center by the end of 2021, which will be located in Germany and use the AWS Europe (Frankfurt) Region.

Arctic Wolf is an ISV Partner in the AWS Partner Network (APN) and an AWS Level 1 Managed Security Service Provider (MSSP), a new designation that AWS announced last week. It means Arctic Wolf is a cybersecurity business that has met or exceeded 10 managed security service specializations that protect and monitor essential AWS resources, are delivered as a 24/7 fully managed service, and span vulnerability management, cloud security best practices and compliance, threat detection and response, network security, host and endpoint security, and application security. In addition, through an expanding technical relationship, Arctic Wolf and AWS are committed to better integrating their security services to keep joint customers secure from advanced attacks.

“The cloud-native nature of Arctic Wolf’s comprehensive security operations platform, coupled with the performance and reliability of AWS, gives us the agility and broad visibility we need in an ever-expanding cyber threat environment,” said Bill Berzinskas, Director of Reliability and Security at Teamworks, a customer of Arctic Wolf. “We’re scaling our SaaS platform from a simple web application to a mature business with hundreds of thousands of users, and the security operations approach pioneered by Arctic Wolf and powered by AWS gives us the confidence and security posture we need to grow our business.”

“Arctic Wolf is elevating security operations to help organizations of all sizes reliably and cost-effectively protect themselves in a constantly shifting threat landscape. AWS makes it possible for Arctic Wolf to expand their service to benefit customers around the world and rapidly adapt to emerging threats,” said Stephen Schmidt, Vice President of Security Engineering and Chief Information Security Officer, Amazon Web Services, Inc. “By running on AWS, Arctic Wolf has the performance, elasticity, breadth of services, and go-to-market support they need to keep their customers safe and scale with demand. We’re delighted to deepen our collaboration and congratulate them on their managed cloud security capabilities and distinction of AWS Level 1 MSSP Competency.”

About Amazon Web Services
For over 15 years, Amazon Web Services has been the world’s most comprehensive and broadly adopted cloud offering. AWS has been continually expanding its services to support virtually any cloud workload, and it now has more than 200 fully featured services for compute, storage, databases, networking, analytics, machine learning and artificial intelligence (AI), Internet of Things (IoT), mobile, security, hybrid, virtual and augmented reality (VR and AR), media, and application development, deployment, and management from 81 Availability Zones within 25 geographic regions, with announced plans for 21 more Availability Zones and seven more AWS Regions in Australia, India, Indonesia, Israel, Spain, Switzerland, and the United Arab Emirates. Millions of customers—including the fastest-growing startups, largest enterprises, and leading government agencies—trust AWS to power their infrastructure, become more agile, and lower costs. To learn more about AWS, visit aws.amazon.com.

About Amazon
Amazon is guided by four principles: customer obsession rather than competitor focus, passion for invention, commitment to operational excellence, and long-term thinking. Amazon strives to be Earth’s Most Customer-Centric Company, Earth’s Best Employer, and Earth’s Safest Place to Work. Customer reviews, 1-Click shopping, personalized recommendations, Prime, Fulfillment by Amazon, AWS, Kindle Direct Publishing, Kindle, Career Choice, Fire tablets, Fire TV, Amazon Echo, Alexa, Just Walk Out technology, Amazon Studios, and The Climate Pledge are some of the things pioneered by Amazon.

Spotlight

The End of Support (EOS) of Microsoft Windows Server 2003 in July 2015 will put millions of enterprise servers at risk. If your organization uses Microsoft Server 2003, the EOS will introduce serious security risks unless you are fully prepared to migrate to a new platform or put compensating controls in place. Because hackers know that Microsoft will no longer acknowledge or patch vulnerabilities, these servers will quickly become a favorite target for attacks.

Spotlight

The End of Support (EOS) of Microsoft Windows Server 2003 in July 2015 will put millions of enterprise servers at risk. If your organization uses Microsoft Server 2003, the EOS will introduce serious security risks unless you are fully prepared to migrate to a new platform or put compensating controls in place. Because hackers know that Microsoft will no longer acknowledge or patch vulnerabilities, these servers will quickly become a favorite target for attacks.

Related News

SOFTWARE SECURITY

CyCraft Technology announced that CyCraft JP has officially joined the Nippon CSIRT Association .

prnewswire | November 03, 2020

CyCraft Technology, the quickest developing network safety firm in Asia, today declared that CyCraft JP has authoritatively joined the Nippon CSIRT Association (NCA). CSIRT (Computer Security Incident Response Team, Computer Security Incident Response Team) alludes to a group of security investigators that not just arrangement with and react to network safety episodes, gather and examine occurrence related weakness knowledge, assault strategies, methods, and methodology (TTP) yet additionally plan playbooks and complete reactions to security occurrences. Lately, Japanese associations have started building and building up their own personal inward CSIRTs; notwithstanding, cyberattacks in the 21st century are turning out to be increasingly complex and regular, making it increasingly more hard for one CSIRT to deal with independently. Nippon CSIRT Association (NCA) was set up to bring together the insight, assets, and ability of numerous CSIRTs with the goal that one CSIRT utilizing the knowledge, assets, and capacity of different CSIRTs could conquer security occurrences and increment Japan's general digital flexibility. NCA isn't the principal CSIRT association CyCtaft has joined. Recently, CyCraft Taiwan joined the worldwide CSIRT association, FIRST (Forum of Incident Response and Security Teams). CyCraft Technology isn't simply dedicated to raising the strength of worldwide associations yet additionally dedicated to showing dependability, demonstrable skill, and precise and noteworthy danger insight, explicitly in the APAC market. About CyCraft CyCraft is a world-leading cybersecurity company and the fastest-growing cybersecurity company in Asia. They have developed multiple innovative AI-driven technologies to achieve security intelligent protection automation, such as threat intelligence gateway (TIG), network detection and response (NDR), endpoint protection(EPP), advanced and managed endpoint detection and response (EDR & MDR), and global cyber threat intelligence (CTI), all delivered via their information security monitoring platform, CyCraft AIR. They participated in the U.S. MITRE ATT&CK® Evaluations in 2019 and received top marks in automated detection capabilities with zero configuration changes. CyCraft secures multiple government agencies, Fortune Global 500 firms, top banks and financial institutions, critical infrastructure, airlines, telecommunications, hi-tech firms, and SMEs. In Q1 2020, CyCraft won multiple gold awards in Cybersecurity Excellence Awards. In Q2 2020, US venture capital Momentum Cyber included CyCraft in the Advanced MSS & MDR and EDR sectors of their 2020 CYBERscape, and CyCraft won Best Security Solution of Interop Tokyo 2020.

Read More

DATA SECURITY

GlobalLogic Announces Partnership with Cybereason to Develop Advanced, Intelligent Cyber Protection Solutions

GlobalLogic_min | December 01, 2021

GlobalLogic Inc., a Hitachi Group Company and leader in Digital Engineering, today announced that it has been selected by Cybereason, the leader in operation-centric attack protection, to help develop its next-generation cyber security platform and services. Deployed by large enterprises, governments, and major cloud providers worldwide, Cybereason’s future-ready attack protection spans across endpoints, the enterprise, the cloud, and everywhere the defenders battle cyber criminals. The collaboration will draw on GlobalLogic’s broad and deep expertise in security and data management software across devices through to the cloud, including the integration of advanced artificial intelligence (AI). The program is one of the largest won by GlobalLogic in this field to date. It requires quickly scaling to hundreds of specialized engineers supporting Cybereason’s development roadmap over the next year. This program scope highlights the market’s need for stronger, better cybersecurity as cloud use, network expansions and other technology usage continued their upward trend and surged during the pandemic. “Cyber threats have become considerably more frequent and sophisticated in recent years. We’ve become dangerously more vulnerable in areas traditional security solutions could not adequately protect—the network and the cloud,” said Rajaram Radhakrishnan, CRO, GlobalLogic. “Having operated in the cybersecurity space for more than a decade, GlobalLogic has become adept at successfully responding to complex requirements. Cybereason is a premier example of a crucial innovator building disruptive defense solutions, redefining what government-grade protection can be. We are honored to now be a part of their team.” Cybereason delivers the most comprehensive protection available on the market today, analyzing more than 23 trillion security-related events per week—five times the volume of any other market solution. Using its patented Malicious Operations (MalOps™) engine, Cybereason reveals the full attack story across every device, user identity, application, and cloud deployment. One of Cybereason’s key solutions delivering this capability is the company’s Extended Detection and Response (XDR) solution—a unified detection and response tool that thwarts malicious operations across the entire IT stack. XDR is one of the several advanced technologies that GlobalLogic’s team will help Cybereason develop and enhance through the partnership. “Cybereason’ operation-centric security approach is helping defenders combat sophisticated and persistent threats to their organizations. While other companies have security analysts chasing alerts without offering valuable insight, Cybereason helps organizations around the world leverage our award-winning technology each day to outthink and outpace attackers,GlobalLogic’s track record along with its responsiveness and collaborative approach to R&D stood out as major factors in finalizing our partnership. Together, we will deliver next-gen cyber defense solutions that will help technology users better control their sensitive data and operations—no matter where they reside.” Sam Curry, Chief Security Officer, Cybereason About GlobalLogic GlobalLogic is a leader in digital engineering. We help brands across the globe design and build innovative products, platforms, and digital experiences for the modern world. By integrating experience design, complex engineering, and data expertise – we help our clients imagine what’s possible and accelerate their transition into tomorrow’s digital businesses. Headquartered in Silicon Valley, GlobalLogic operates design studios and engineering centers around the world, extending our deep expertise to customers in the automotive, communications, financial services, healthcare and life sciences, manufacturing, media and entertainment, semiconductor, and technology industries. GlobalLogic is a Hitachi Group Company operating under Hitachi, Ltd. (TSE: 6501), which contributes to a sustainable society with a higher quality of life by driving innovation through data and technology as the Social Innovation Business. About Cybereason Cybereason is the champion for today’s cyber defenders, providing operation-centric attack protection that unifies security from the endpoint to the enterprise, to everywhere the battle moves. The Cybereason Defense Platform combines the industry’s top-rated AI-powered detection and response (EDR and XDR), next-gen antivirus (NGAV), Anti-Ransomware Protection and Proactive Threat Hunting to deliver context-rich analysis of every stage of a MalOp™ (malicious operation). Cybereason is a privately held, international company headquartered in Boston with customers in more than 40 countries.

Read More

DATA SECURITY

New Enterprise Security Program Review Offering to address overlooked cyber risks by DirectDefense Launches

businesswire | January 27, 2021

DirectDefense, Inc., a data security administrations organization that gives endeavor hazard appraisals, entrance testing, consistence the executives, and every minute of every day oversaw administrations, reported today the dispatch of the Enterprise Security Program Review (ESPR), a joint security offering with IronNet, Unlimited Technology and Exero. A first-of-its-sort in the Managed Security Services Provider (MSSP) space, the ESPR estimates the current and wanted future condition of an association's framework against the National Industry Standards and Technology (NIST) network safety controls. The ESPR will evaluate, test, and survey an association's current security controls, break down danger openness, and help actualize separately customized security arrangements. Applying an all encompassing way to deal with network safety, this contribution addresses digital dangers missed by single-arrangement suppliers. ESPR is the solitary far reaching answer for help both huge and little undertaking clients, guaranteeing the establishment, change and activity of an effective network safety guard stage.

Read More