Data Security

Arctic Wolf Selects AWS to Power Global Cybersecurity Offering at Scale

Amazon Web Services, Inc.  an Amazon.com, Inc. company announced that Arctic Wolf Networks has selected AWS as its primary cloud provider to power the company’s innovative, cloud-native security operations platform. Arctic Wolf is one of the leading cybersecurity technology innovators in the world. The company provides turnkey, managed threat detection and response, risk management, cloud monitoring, and security training and awareness services to organizations. The company’s hybrid approach to security combines the scale, speed, and processing power of cloud-based automation with the experience of trained security experts to transform how organizations protect themselves. Using AWS’s unmatched portfolio of cloud capabilities, including containers, serverless, analytics, database, compute, and storage, Arctic Wolf can cost-effectively process more than 1.4 trillion unique security events a week from its global and fast-growing customer base. In addition, Arctic Wolf plans to leverage AWS’s proven global infrastructure to continue to expand its operations across Europe, the Asia-Pacific region, and beyond.

Under the traditional cybersecurity model, companies typically relegate security to IT teams that rely on disparate technology solutions in an attempt to keep up with rapidly evolving threats. These systems can flood IT teams with security notifications, making it hard to differentiate between meaningful threats and noise and leaving organizations vulnerable to attack. In contrast, Arctic Wolf’s approach uses AWS to power and deliver its cloud-native Arctic Wolf Platform, which is remotely managed by Arctic Wolf’s “Concierge Security Team” (CST) in the cloud. The platform collects, enriches, and analyzes security data at scale and flags the CST when a potential threat requires additional scrutiny. The CST, in turn, alerts a customer only after they have validated a security incident and can provide recommended response options. In July 2021, Arctic Wolf used AWS to process and analyze more than 200 billion security events per day, including threats such as viruses, ransomware attacks, and compromised websites.

Arctic Wolf uses the breadth and depth of AWS services to elastically scale their offerings and meet global customer demand with low latency. The company typically runs more than 60,000 containers on Amazon Elastic Container Service (Amazon ECS) and Amazon Elastic Kubernetes Service (Amazon EKS) to provide its detection services. AWS Auto Scaling provides the elasticity and availability required to handle peak loads and events such as zero-day security incidents that often affect multiple customers over different geographical regions. When Arctic Wolf registers a security observation as suspicious activity, their CST leverages AWS Lambda (AWS’s serverless compute service that lets customers run code without provisioning or managing servers) to trigger further automated analysis, review the findings, and validate threats before escalating to the customer. The company also uses AWS’s managed database services, including Amazon DynamoDB and Amazon Relational Database Service (Amazon RDS), to process security observation data at scale, looking for outliers or unexpected patterns of activity that could indicate potential threats. Arctic Wolf then automatically references that data against historical activity and serves the analysis to their CST to evaluate in the context of emerging threats.
“As repeatedly demonstrated by recent ransomware incidents, the digital threat landscape continues to evolve, with attack surfaces that include consumer devices and public infrastructure that connects to corporate networks. Organizations and consumers alike feel the impact when data and personal information falls into the wrong hands, yet businesses can easily become overwhelmed trying to manage security alerts on their own. Arctic Wolf combines the best of technology and human intelligence to help our customers stay ahead of threats. Our hybrid security approach powered by AWS is enabling more organizations around the world to innovate with the confidence that their systems and data are secure,” said Nick Schneider, CEO, Arctic Wolf. “AWS’s proven performance and security, global reach, and breadth of services, as well as the agility we gain by running in the cloud, are critical to achieving our mission to end cyber risk. The Arctic Wolf Platform was born in the cloud, and we look forward to continuing our work with AWS as a customer and a partner to help organizations across industries protect themselves and those they serve.”

Moving forward, Arctic Wolf will use AWS’s proven global infrastructure to expand their managed services quickly and cost effectively. Running on AWS, Arctic Wolf can replicate its IT architecture in additional AWS Regions in a matter of weeks rather than construct new data centers. The company recently announced plans to launch their first European security operations center by the end of 2021, which will be located in Germany and use the AWS Europe (Frankfurt) Region.

Arctic Wolf is an ISV Partner in the AWS Partner Network (APN) and an AWS Level 1 Managed Security Service Provider (MSSP), a new designation that AWS announced last week. It means Arctic Wolf is a cybersecurity business that has met or exceeded 10 managed security service specializations that protect and monitor essential AWS resources, are delivered as a 24/7 fully managed service, and span vulnerability management, cloud security best practices and compliance, threat detection and response, network security, host and endpoint security, and application security. In addition, through an expanding technical relationship, Arctic Wolf and AWS are committed to better integrating their security services to keep joint customers secure from advanced attacks.

“The cloud-native nature of Arctic Wolf’s comprehensive security operations platform, coupled with the performance and reliability of AWS, gives us the agility and broad visibility we need in an ever-expanding cyber threat environment,” said Bill Berzinskas, Director of Reliability and Security at Teamworks, a customer of Arctic Wolf. “We’re scaling our SaaS platform from a simple web application to a mature business with hundreds of thousands of users, and the security operations approach pioneered by Arctic Wolf and powered by AWS gives us the confidence and security posture we need to grow our business.”

“Arctic Wolf is elevating security operations to help organizations of all sizes reliably and cost-effectively protect themselves in a constantly shifting threat landscape. AWS makes it possible for Arctic Wolf to expand their service to benefit customers around the world and rapidly adapt to emerging threats,” said Stephen Schmidt, Vice President of Security Engineering and Chief Information Security Officer, Amazon Web Services, Inc. “By running on AWS, Arctic Wolf has the performance, elasticity, breadth of services, and go-to-market support they need to keep their customers safe and scale with demand. We’re delighted to deepen our collaboration and congratulate them on their managed cloud security capabilities and distinction of AWS Level 1 MSSP Competency.”

About Amazon Web Services
For over 15 years, Amazon Web Services has been the world’s most comprehensive and broadly adopted cloud offering. AWS has been continually expanding its services to support virtually any cloud workload, and it now has more than 200 fully featured services for compute, storage, databases, networking, analytics, machine learning and artificial intelligence (AI), Internet of Things (IoT), mobile, security, hybrid, virtual and augmented reality (VR and AR), media, and application development, deployment, and management from 81 Availability Zones within 25 geographic regions, with announced plans for 21 more Availability Zones and seven more AWS Regions in Australia, India, Indonesia, Israel, Spain, Switzerland, and the United Arab Emirates. Millions of customers—including the fastest-growing startups, largest enterprises, and leading government agencies—trust AWS to power their infrastructure, become more agile, and lower costs. To learn more about AWS, visit aws.amazon.com.

About Amazon
Amazon is guided by four principles: customer obsession rather than competitor focus, passion for invention, commitment to operational excellence, and long-term thinking. Amazon strives to be Earth’s Most Customer-Centric Company, Earth’s Best Employer, and Earth’s Safest Place to Work. Customer reviews, 1-Click shopping, personalized recommendations, Prime, Fulfillment by Amazon, AWS, Kindle Direct Publishing, Kindle, Career Choice, Fire tablets, Fire TV, Amazon Echo, Alexa, Just Walk Out technology, Amazon Studios, and The Climate Pledge are some of the things pioneered by Amazon.

Spotlight

Spotlight

Related News

Software Security

Trellix and One Source Deliver Industry-Leading Managed Detection and Response Security Services

Trellix | January 22, 2024

Trellix, the cybersecurity company delivering the future of extended detection and response (XDR), today announced an expanded strategic partnership with One Source, a Managed Security Services Provider (MSSP) and technology delivery partner. Customers benefit from a Fortune 500 SOC capability built on the Trellix XDR Platform with AI-guided intelligence, enabling faster detection, investigation, and remediation. Trellix, the cybersecurity company delivering the future of extended detection and response (XDR), today announced an expanded strategic partnership with One Source, a Managed Security Services Provider (MSSP) and technology delivery partner. Customers benefit from a Fortune 500 SOC capability built on the Trellix XDR Platform with AI-guided intelligence, enabling faster detection, investigation, and remediation. “The partnership aligns with Trellix’s ongoing commitment to secure organizations from advanced cyber threats,” says Sean Morton, SVP of Professional Services at Trellix. “Leveraging One Source’s MDR capabilities and expanded footprint, we enable more businesses to build cyber resilience, with continued innovation in our combined products and solution offerings to stay ahead of bad actors.” One Source has multiple SOCs leveraging Trellix’s technology, staffed by the industry’s top experts to provide Managed Detection and Response (MDR) capabilities. Their team implements a proactive cyber strategy for customers specific to industry, technology environment, and vulnerabilities, built on the Trellix XDR Platform with 24x7 monitoring. The partnership and combined expertise benefits customers with enhanced services like managed threat detection and response, incident response, security operations and analytics, threat intelligence, threat hunting and forensics, and training and enablement. “The Trellix and One Source partnership is extremely powerful; the former offers an incredible set of security solutions, and the latter excels at personalized deployment and execution,” said Paul Moline, Chief Information Officer, Lindsay Automotive Group. “I never anticipated we could protect our environment with the same security solutions used by government agencies and Fortune 50 companies: I can now sleep at night.” The Trellix XDR Platform’s open architecture and broad set of native security controls across endpoint, email, network, cloud, and data security integrates with over 500 third-party tools to create multi-vector, multi-vendor event correlation and context to speed up investigations. The Trellix Advanced Research Center provides an additional layer of protection by continuously informing the platform with information from millions of global sensors on the latest threat vectors, tactics, and recommendations. One Source experts apply these insights to stay ahead of the constantly evolving threat landscape. “The collaboration with Trellix is a game-changer in reshaping the cybersecurity landscape,” says Eric Gressel, Executive Vice President of Sales, One Source. “Thanks to our partnership, we have access to the highest level of cyber intelligence to fend off newly-revealed hackers and their means of attack, enabling our customers with the most comprehensive offering of enhanced Managed Security Services to protect their businesses.” One Source has a proven track record supporting global businesses spanning retail, restaurant, automotive, healthcare, financial, and manufacturing industries. Trellix customers can rely on One Source's leading Managed Security Services to optimize technology expenses while enhancing telecom connectivity, IT infrastructure, and cybersecurity strategies. About Trellix Trellix is a global company redefining the future of cybersecurity and soulful work. The company’s open and native extended detection and response (XDR) platform helps organizations confronted by today’s most advanced threats gain confidence in the protection and resilience of their operations. Trellix, along with an extensive partner ecosystem, accelerates technology innovation through machine learning and automation to empower over 40,000 business and government customers with living security. More at https://trellix.com. About One Source One Source helps businesses simplify a complex technology world. One Source is the leading provider of Technology and Managed Security Services for enterprises. Today, One Source manages more than 2,500 customers, 45,000 business locations, and over one million assets throughout North America. In addition to Managed Security Services, One Source provides Managed Technology Expense Management, 24 / 7 local helpdesk, procures and provisions telecom & IT solutions, and manages customer service requests. One Source frequently generates triple-digit ROI for customers through contract negotiation, portfolio optimization, and ongoing expense management. In addition, One Source leverages partnerships with industry leaders, including Trellix to bring Fortune 500 security solutions and fully managed services to the mid-market. One Source's approach empowers businesses to focus on customers and revenue-generating activities. Learn more at https://www.onesource.net/.

Read More

Data Security

GuidePoint Security Announces Portfolio of Data Security Governance Services

GuidePoint Security | January 30, 2024

GuidePoint Security, a cybersecurity solutions leader enabling organizations to make smarter decisions and minimize risk, today announced the availability of its Data Security Governance services, which are designed to help customers address the challenges of unstructured data and data sprawl through a proven process and program to meet their unique needs. GuidePoint’s Data Security Governance services consist of policies, standards, and processes leveraging the newest technologies to meet organizations’ data governance goals in both on-prem and cloud environments. Once the right strategy is determined with the customer, GuidePoint Security consultants will review program requirements, assess current policies and controls, perform gap analysis, design and develop/enhance the program, recommend and implement supporting technologies, and create operational processes and metrics. “Whether an organization is just beginning to build their data security governance program or needs help assessing and improving an existing program, our team and service capabilities are built to meet them at their current maturity level,” said Scott Griswold, Practice Director - Security Governance Services, GuidePoint Security. “We work side by side with the customer to conduct the necessary data discovery in their environment and provide tailored recommendations for solutions and processes to ultimately build/improve upon the data security governance program.” GuidePoint’s Data Security Governance Services include: Sensitive Data Cataloging: For organizations just getting started in the process of protecting their sensitive data, GuidePoint offers Data Identification workshops to identify sensitive data types in the environment, including trade secrets, intellectual property, and sensitive business communications. Data Security Governance Program Assessment: For organizations with existing Data Security Governance or Data Protection programs, GuidePoint Security experts will assess the program to identify policy non-compliance, gaps in data protection requirements—whether legal, regulatory, contractual, or business—and program maturity levels. Data Security Governance Program Strategy Development: The GuidePoint team will work with an organization's key stakeholders to design a program strategy aligned with relevant requirements. The outputs of this effort include delivering ongoing sensitive data discovery, automated classification and labeling, the application of required sensitive data protections, restrictions on where sensitive data can be stored and sent, and data retention policy enforcement. Merger and Acquisition Data Identification: This offering provides the ability to identify sensitive data within an M&A target or recent acquisition (including locations, amounts, and access rights) and then perform penetration testing on the storage repositories where that sensitive data exists to determine the risk of data compromise. About GuidePoint Security GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions that minimize risk. Our experts act as your trusted advisor to understand your business and challenges, helping you through an evaluation of your cybersecurity posture and ecosystem to expose risks, optimize resources and implement best-fit solutions. GuidePoint’s unmatched expertise has enabled a third of Fortune 500 companies and more than half of the U.S. government cabinet-level agencies to improve their security posture and reduce risk. Learn more at www.guidepointsecurity.com.

Read More

End Point Protection

Malwarebytes Unveils New K-12 ThreatDown Bundle to Defend Schools and Districts from Cyberattacks

Malwarebytes | January 24, 2024

Malwarebytes, a global leader in real-time cyber protection, today announced the availability of ThreatDown K-12 Bundle, combining the cybersecurity technologies and services that K-12 education institutions need into a streamlined, cost-effective bundle. Purpose-built to reduce risk, complexity and costs for districts and schools, the ThreatDown K-12 Bundle delivers unified protection with an intuitive, easy-to-manage design. The ThreatDown K-12 Bundle allows schools to optimize device uptime and improve productivity, while protecting students and staff, devices and data from the latest cyber threats. "Schools are increasingly facing cyber threats with limited IT resources, leading to a rise in ransomware attacks that affect staff, teaching, and student well-being," said Marcin Kleczynski, Founder and CEO of Malwarebytes. "Historically, cost barriers prevented schools from adopting cybersecurity managed services. Our K-12 Bundle packages together everything districts need to reduce risk and comply with regulations within a manageable budget. We're committed to making powerful protection and managed services accessible to vulnerable schools and students." Bridging the Cybersecurity Gap for Resource-constrained K-12 IT Teams Modern K-12 educational institutions have a wide range of school-, staff- and student-owned devices – from traditional laptops, desktops and servers to Chromebooks, iPadOS, iOS, and Android devices. While these devices greatly enrich the student learning experience and streamline operations for staff, they also introduce new risks. Key features of the ThreatDown K-12 Bundle include: Award-winning endpoint security: K-12 Bundle is built on ThreatDown's strongest AI/ML-driven prevention, detection and response technologies fortified by built-in innovations to reduce the attack surface. These technologies simplify the process of finding and patching software vulnerabilities and prevent unauthorized programs from executing. 24x7x365 managed services: The K-12 Bundle combines ThreatDown advanced technologies with Managed Detection and Response (MDR) service of ThreatDown cybersecurity experts to manage security and resolve alerts around the clock, delivered as an affordable, hassle-free bundle. Unified endpoint management: ThreatDown extends powerful endpoint protection across workstations, servers and mobile device to substantially strengthen schools' cybersecurity postures in compliance with new and pending regulations. Quick and easy to deploy, the K-12 Bundle saves time and resources with unified endpoint management for both traditional and mobile devices – all from a single, cloud-native console. Centralized, real-time visibility: K-12 IT teams can easily view activity across all devices in real time. With a unified platform and visibility for traditional and mobile endpoints, teams can monitor and protect devices from a single pane of glass. Teams can understand the threats to devices in their environments and mitigate potential risks. Advanced mobile protection: ThreatDown K-12 Bundle provides effective protection for Chromebooks, iPadOS, iOS, and Android devices, guarding against the latest mobile threats such as ransomware, malicious apps, and potentially unwanted programs (PUPs). With real-time protection, schools can also prevent accidental access to harmful websites, safeguard against malicious apps, block unwanted in-app ads, and enable a secure mobile experience for students. About Malwarebytes Malwarebytes is a global cybersecurity leader delivering award-winning endpoint protection, privacy and threat prevention solutions worldwide. Built on decades of experience as the last resort to find and eradicate the latest malware, Malwarebytes is now trusted by millions of individuals and organizations to stop threats at each stage of the attack lifecycle, secure digital identities and safeguard data and privacy. A world class team of threat researchers and proprietary AI-powered engines provide unmatched threat intelligence to detect and prevent known and unknown threats. The company is headquartered in California with offices in Europe and Asia. For more information and career opportunities, visit https://www.malwarebytes.com.

Read More