Press Release

Arctic Wolf enhances security operations with improved identity threat detection and response capabilities

Fri 14 Jun 2024

Security operations company Arctic Wolf has enhanced its Managed Detection and Response (MDR) service with new Identity Threat Detection and Response (ITDR) capabilities.

Arctic Wolf said these improvements include active response features and integrations with Microsoft Defender for Identity and Okta, helping businesses better protect against evolving threats.

As threat actors continue to target identity infrastructure with account compromise tactics such as credential stuffing, the ability to swiftly contain and mitigate identity risks at scale is critical in defending crucial data assets and protecting users.

In 2023, 39% of incidents investigated by Arctic Wolf Incident Response were initiated via external remote access using compromised, legitimate credentials, underscoring the importance of ITDR capabilities as a core function of security operations, as opposed to a standalone XDR, SIEM, or SOAR solution.

Arctic Wolf cited Gartner research stating that identity threat detection and response (ITDR) is emerging as a security operations centre (SOC) function focus while IAM teams grapple with new tools to address enhancing detection of identity misuse.

Arctic Wolf Introduces Updates

The Arctic Wolf Platform has introduced several updates to enhance security capabilities. One significant addition is the Active Response for Identity feature, which allows for immediate action against threats within the identity infrastructure. This feature utilises response actions to quickly disable compromised user accounts and revoke access to potentially sensitive information or systems. By doing so, it effectively reduces the risk for organisations, ensuring a more secure operational environment.

Another update is the integration with Microsoft Defender for Identity. This new integration aims to protect user identities and reduce attack surfaces by increasing visibility into the identity infrastructure. With this enhanced visibility, organisations can detect identity-based attacks, like Business Email Compromise (BEC), at an earlier stage, thereby preventing potential breaches and mitigating risks associated with compromised identities.

The platform has also expanded its existing Okta integration with the Impossible Travel Detection capability. This enhancement improves cross-attack surface coverage by detecting compromised accounts using indicators of compromise (IOC) based on velocity alerts from Okta. By identifying unusual travel patterns and other suspicious activities, this update helps to identify and address security threats more effectively, ensuring that compromised accounts are swiftly detected and addressed.

Chief Product and Service Officer at Arctic Wolf, Dan Schiappa, said that as adversaries increase the use of identity-based attacks, the ability to integrate robust ITDR capabilities into security operations is critical in building business resilience, as containment and mitigation extend beyond the endpoint alone.

“Effective cybersecurity hinges on detecting and remediating threats as quickly as possible. These new capabilities allow us to narrow the detection gap and minimise impact, effectively extinguishing and restricting adversarial account access more completely,” said Schiappa.
