Home > News > featured news > Arctic Wolf Selects AWS to Power Global Cybersecurity Offering at Scale

DATA SECURITY

Arctic Wolf Selects AWS to Power Global Cybersecurity Offering at Scale

Arctic Wolf | September 03, 2021

Amazon Web Services, Inc. an Amazon.com, Inc. company announced that Arctic Wolf Networks has selected AWS as its primary cloud provider to power the company’s innovative, cloud-native security operations platform. Arctic Wolf is one of the leading cybersecurity technology innovators in the world. The company provides turnkey, managed threat detection and response, risk management, cloud monitoring, and security training and awareness services to organizations. The company’s hybrid approach to security combines the scale, speed, and processing power of cloud-based automation with the experience of trained security experts to transform how organizations protect themselves. Using AWS’s unmatched portfolio of cloud capabilities, including containers, serverless, analytics, database, compute, and storage, Arctic Wolf can cost-effectively process more than 1.4 trillion unique security events a week from its global and fast-growing customer base. In addition, Arctic Wolf plans to leverage AWS’s proven global infrastructure to continue to expand its operations across Europe, the Asia-Pacific region, and beyond.

Under the traditional cybersecurity model, companies typically relegate security to IT teams that rely on disparate technology solutions in an attempt to keep up with rapidly evolving threats. These systems can flood IT teams with security notifications, making it hard to differentiate between meaningful threats and noise and leaving organizations vulnerable to attack. In contrast, Arctic Wolf’s approach uses AWS to power and deliver its cloud-native Arctic Wolf Platform, which is remotely managed by Arctic Wolf’s “Concierge Security Team” (CST) in the cloud. The platform collects, enriches, and analyzes security data at scale and flags the CST when a potential threat requires additional scrutiny. The CST, in turn, alerts a customer only after they have validated a security incident and can provide recommended response options. In July 2021, Arctic Wolf used AWS to process and analyze more than 200 billion security events per day, including threats such as viruses, ransomware attacks, and compromised websites.

Arctic Wolf uses the breadth and depth of AWS services to elastically scale their offerings and meet global customer demand with low latency. The company typically runs more than 60,000 containers on Amazon Elastic Container Service (Amazon ECS) and Amazon Elastic Kubernetes Service (Amazon EKS) to provide its detection services. AWS Auto Scaling provides the elasticity and availability required to handle peak loads and events such as zero-day security incidents that often affect multiple customers over different geographical regions. When Arctic Wolf registers a security observation as suspicious activity, their CST leverages AWS Lambda (AWS’s serverless compute service that lets customers run code without provisioning or managing servers) to trigger further automated analysis, review the findings, and validate threats before escalating to the customer. The company also uses AWS’s managed database services, including Amazon DynamoDB and Amazon Relational Database Service (Amazon RDS), to process security observation data at scale, looking for outliers or unexpected patterns of activity that could indicate potential threats. Arctic Wolf then automatically references that data against historical activity and serves the analysis to their CST to evaluate in the context of emerging threats.
“As repeatedly demonstrated by recent ransomware incidents, the digital threat landscape continues to evolve, with attack surfaces that include consumer devices and public infrastructure that connects to corporate networks. Organizations and consumers alike feel the impact when data and personal information falls into the wrong hands, yet businesses can easily become overwhelmed trying to manage security alerts on their own. Arctic Wolf combines the best of technology and human intelligence to help our customers stay ahead of threats. Our hybrid security approach powered by AWS is enabling more organizations around the world to innovate with the confidence that their systems and data are secure,” said Nick Schneider, CEO, Arctic Wolf. “AWS’s proven performance and security, global reach, and breadth of services, as well as the agility we gain by running in the cloud, are critical to achieving our mission to end cyber risk. The Arctic Wolf Platform was born in the cloud, and we look forward to continuing our work with AWS as a customer and a partner to help organizations across industries protect themselves and those they serve.”

Moving forward, Arctic Wolf will use AWS’s proven global infrastructure to expand their managed services quickly and cost effectively. Running on AWS, Arctic Wolf can replicate its IT architecture in additional AWS Regions in a matter of weeks rather than construct new data centers. The company recently announced plans to launch their first European security operations center by the end of 2021, which will be located in Germany and use the AWS Europe (Frankfurt) Region.

Arctic Wolf is an ISV Partner in the AWS Partner Network (APN) and an AWS Level 1 Managed Security Service Provider (MSSP), a new designation that AWS announced last week. It means Arctic Wolf is a cybersecurity business that has met or exceeded 10 managed security service specializations that protect and monitor essential AWS resources, are delivered as a 24/7 fully managed service, and span vulnerability management, cloud security best practices and compliance, threat detection and response, network security, host and endpoint security, and application security. In addition, through an expanding technical relationship, Arctic Wolf and AWS are committed to better integrating their security services to keep joint customers secure from advanced attacks.

“The cloud-native nature of Arctic Wolf’s comprehensive security operations platform, coupled with the performance and reliability of AWS, gives us the agility and broad visibility we need in an ever-expanding cyber threat environment,” said Bill Berzinskas, Director of Reliability and Security at Teamworks, a customer of Arctic Wolf. “We’re scaling our SaaS platform from a simple web application to a mature business with hundreds of thousands of users, and the security operations approach pioneered by Arctic Wolf and powered by AWS gives us the confidence and security posture we need to grow our business.”

“Arctic Wolf is elevating security operations to help organizations of all sizes reliably and cost-effectively protect themselves in a constantly shifting threat landscape. AWS makes it possible for Arctic Wolf to expand their service to benefit customers around the world and rapidly adapt to emerging threats,” said Stephen Schmidt, Vice President of Security Engineering and Chief Information Security Officer, Amazon Web Services, Inc. “By running on AWS, Arctic Wolf has the performance, elasticity, breadth of services, and go-to-market support they need to keep their customers safe and scale with demand. We’re delighted to deepen our collaboration and congratulate them on their managed cloud security capabilities and distinction of AWS Level 1 MSSP Competency.”

About Amazon Web Services
For over 15 years, Amazon Web Services has been the world’s most comprehensive and broadly adopted cloud offering. AWS has been continually expanding its services to support virtually any cloud workload, and it now has more than 200 fully featured services for compute, storage, databases, networking, analytics, machine learning and artificial intelligence (AI), Internet of Things (IoT), mobile, security, hybrid, virtual and augmented reality (VR and AR), media, and application development, deployment, and management from 81 Availability Zones within 25 geographic regions, with announced plans for 21 more Availability Zones and seven more AWS Regions in Australia, India, Indonesia, Israel, Spain, Switzerland, and the United Arab Emirates. Millions of customers—including the fastest-growing startups, largest enterprises, and leading government agencies—trust AWS to power their infrastructure, become more agile, and lower costs. To learn more about AWS, visit aws.amazon.com.

About Amazon
Amazon is guided by four principles: customer obsession rather than competitor focus, passion for invention, commitment to operational excellence, and long-term thinking. Amazon strives to be Earth’s Most Customer-Centric Company, Earth’s Best Employer, and Earth’s Safest Place to Work. Customer reviews, 1-Click shopping, personalized recommendations, Prime, Fulfillment by Amazon, AWS, Kindle Direct Publishing, Kindle, Career Choice, Fire tablets, Fire TV, Amazon Echo, Alexa, Just Walk Out technology, Amazon Studios, and The Climate Pledge are some of the things pioneered by Amazon.

Spotlight

10 Critical Reasons Your Business Needs Cyber Security Services

In today's digital age, cyber security is more important than ever before. Every business, big or small, needs to protect themselves from cyber threats, which can result in data breaches, lost revenue, and damage to their reputation. In this video, we explore the top 10 reasons why your company needs cyber security services, from protecting sensitive data to preserving your reputation and providing peace of mind. With cyber attacks on the rise, it's essential to invest in cyber security services to ensure your business is protected around the clock. Watch this video to learn more about how cyber security services can help safeguard your business and keep your data safe.

More featured news

Spotlight

10 Critical Reasons Your Business Needs Cyber Security Services

Related News

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

SANS Institute Introduces New Cybersecurity Training for IT Administrators

SANS Security Awareness | February 21, 2023

On February 20, 2023, SANS Security Awareness, a subsidiary of the SANS Institute, announced the release of "Security Essentials for IT Administrators," a new short-form technical training program. This series offers a comprehensive overview of cybersecurity fundamentals, aimed primarily at those with a foundational grasp of network administration and/or IT systems to keep them updated and informed in the ever-changing cybersecurity space. As more IT professionals, like network/system administrators and engineers, take on security responsibilities, it is important for an organization's overall security to have relevant training for this group. This series is intended to raise IT professionals' knowledge of the distinct threat landscape they face by drawing on the objectives of such popular SANS training courses as SEC301, SEC388, SEC401, and SEC504. The product line is available to enterprises seeking to improve their security preparedness and awareness by purchasing directly from SANS Security Awareness or via Microsoft's 'Defender for Office 365' bundle. John Byrne, General Manager of SANS Security Awareness, said, "The launch of the Security Essentials for IT Administrators course marks an exciting chapter in our mission to deliver high-quality security training to professionals in the industry, especially to these users who carry unique risk because of their privileged access and advanced skill set." (Source – Cision PR Newswire) He added, "We are thrilled Microsoft identified SANS to provide this comprehensive technical content series to provide the necessary knowledge and skills to help protect against the most pressing security threats facing organizations across the globe. These modules offer a powerful solution to organizations seeking to bolster their security posture and streamline workforce management for technical teams." (Source – Cision PR Newswire) AboutSANS Security Awareness Established in 1989, the SANS Institute is a cooperative research and education organization. It is the most trusted and, by far, the biggest supplier of cybersecurity certification and training for professionals in business and government institutions around the world. Reputed SANS instructors teach over 60 courses at cybersecurity events in person, online, and on demand. SANS Security Awareness, a division of SANS, gives organizations a complete and thorough security awareness solution that makes it easy and effective for them to manage their "human" cybersecurity risk. SANS also provides the InfoSec community with a wide range of free resources, such as consensus projects, webcasts, podcasts, research reports, and newsletters. It also runs the Internet Storm Center, which is the Internet's early warning system.

DATA SECURITY, ENTERPRISE IDENTITY, NETWORK THREAT DETECTION

ForgeRock is the First Identity Platform to Fully Eliminate Passwords

ForgeRock | March 21, 2023

ForgeRock®, a global digital identity leader, today announced ForgeRock Enterprise Connect Passwordless, a new passwordless authentication solution that eliminates the need for users to interact with passwords inside large organizations. Enterprise Connect Passwordless is the latest addition to ForgeRock’s industry-leading, passwordless authentication portfolio for consumer and workforce use cases. Developed through ForgeRock’s strategic partnership with Secret Double Octopus, the new solution, integrated into ForgeRock Identity Platform, protects the most commonly used and vulnerable enterprise resources such as servers, workstations, remote desktops, and VPNs. It helps large enterprises proactively defend against costly cyber-attacks and unauthorized access by providing a passwordless experience to legacy applications, systems and services. In turn, organizations can deliver an employee experience that empowers people to access their information without needing to know a password. “The move to passwordless authentication will fundamentally change every digital experience on the planet, starting with the most common experience of all - logging in,” said Peter Barker, Chief Product Officer, ForgeRock. “With the addition of Enterprise Connect Passwordless, ForgeRock is the only solution to offer a full spectrum of passwordless capabilities that help employees and consumers say goodbye to remembering their passwords.” Organizations deploying ForgeRock Enterprise Connect Passwordless become a more secure enterprise by removing employee interaction with passwords, and reducing the risk of compromise. Benefits include eliminating employee account lockouts and reducing the volume of IT tickets, which can lower operational costs from help desk interactions, increase workforce productivity and enhance the user experience. Removing Passwordless Orchestration and Deployment Complexities ForgeRock Enterprise Connect Passwordless uses next generation identity orchestration capabilities that allow enterprises to easily design and implement passwordless login and access journeys tailored to their unique security and experience needs. With ForgeRock, organizations now have the freedom to move to passwordless at their own pace – without it being an “all or nothing” experience. “When an organization decides it wants to go passwordless to improve user experiences, that can be a heavy lift, made lighter when accompanied by user journey orchestration technology,” said Jay Bretzmann, Research Vice President, Security Products, IDC. “The ability to rapidly create login experiences tailored to groups of diverse individuals is an imperative for modern enterprises. Orchestration not only provides the tools to do this, but also the ability to ‘fine-tune’ journeys in real-time. What used to take programmers and developers weeks or months can now be accomplished by non-technical IT or identity staff for a fraction of the time and cost.” Available in Q2, Enterprise Connect Passwordless augments the company’s existing passwordless capabilities, adding to the ongoing work ForgeRock has been doing to eliminate consumer passwords for more than a decade. A History of Paving the Passwordless Path for Enterprises The ForgeRock Identity Platform has an extensive history of providing organizations several options to help deploy passwordless authentication for mobile and web applications to reduce fraud and improve the user experience. ForgeRock can accelerate passwordless deployment with integration for applications, support for identity standards, easy to use workflows to enable workforce and CIAM passwordless user journeys, and web-based passwordless authentication through a browser using passkeys in their mobile devices. ForgeRock already supports passwordless authentication capabilities through FIDO2 WebAuthn standards and passkeys within the ForgeRock Identity Cloud, low-code, no-code access orchestration with ForgeRock Intelligent Access and AI-driven threat protection within ForgeRock Autonomous Access. ForgeRock also has alliances with partners that have developed curated FIDO solutions for many different types of applications. About ForgeRock ForgeRock® is a global digital identity leader helping people simply and safely access the connected world. The ForgeRock Identity Platform delivers enterprise-grade identity solutions at scale for customers, employees, and connected devices. More than 1,300 organizations depend on ForgeRock’s comprehensive platform to manage and secure identities with identity orchestration, dynamic access controls, governance, and APIs in any cloud or hybrid environment.

DATA SECURITY, ENTERPRISE SECURITY

IronNet Signs Contract to Enhance Cybersecurity of U.S. NAVSEA

IronNet | February 13, 2023

IronNet, Inc. (IronNet), a pioneer in transforming cybersecurity through collective defense℠, recently announced the execution of an initial federal contract to deliver cybersecurity services to the United States Navy's Naval Sea Systems Command (NAVSEA), the largest of the Navy's five "systems commands." The agreement was entered following the successful completion of a pilot program that provided NAVSEA with the IronNet Collective Defense Platform. As nation-state cyber threats against the Defense Industrial Base (DIB) program of the Department of Defense (DoD) continue to increase, IronNet strengthens the DIB's cybersecurity prevention and protection of third-party and supply chain cyber risk. This support corresponds with the DoD's initiatives to encourage DIB entities to provide information and share anonymized cyber threat indicators that they deem helpful for notifying the government and others in order to counter threat actor activities more effectively. The IronNet Collective Defense Platform will allow each contractor in the NAVSEA DIB program to boost its network threat visibility while also integrating them in real-time through a private IronNet Collective Defense Community for NAVSEA. Through linked alerts, automated triage, and extended hunt assistance, the IronNet Collective Defense Platform acts as an early warning system for all participating corporations and organizations, increasing network security. In addition, IronNet's platform was recently updated to increase alert fidelity and analyst workflow by strengthening embedded risk scoring for more accessible alert prioritizing. These improvements result in much lower alert loads, false positives, and a shorter time to investigate. NAVSEA will have enhanced visibility of the current threat landscape, with situational context, thanks to the IronNet Collective Defense Platform, and will be able to increase the effectiveness of existing defenses and cybersecurity solutions used by its DIB contractors. Continuous monitoring of known and undiscovered threats contributes to meeting Cybersecurity Maturity Model Certification (CMMC) parameters. The IronNet Collective Defense Platform offers timely actionable, and relevant cyber attack intelligence earlier in case of an incursion before a threat can have a substantial impact, allowing DIB firms and the Navy to defend US Naval intellectual property better. About IronNet IronNet, founded in 2014, is a leading cybersecurity company transforming how businesses, industries, and governments safeguard their networks. It leverages the abilities of its top-tier cybersecurity operators' real-world, public and private sector, offensive and defensive cyber expertise and integrates their deep tradecraft knowledge into its industry-leading solutions to address the most complex cyber challenges affecting business today. The company's solutions use behavioral analytics, artificial intelligence and machine learning techniques to assist private and public companies in discovering unexpected risks across critical infrastructure.