Arctic Wolf Managed Detection and Response Reviews

They function as our CISO, providing guidance and assistance in establishing our security practices as our Chief Security Officer.

They have been instrumental in setting up our security response, managing our firewalls, switches, cloud environments, and endpoints, and guiding us to ensure our users' safety with login and other security practices. Their expertise and support make them a valuable resource for all things related to security.

We can effectively manage the massive amounts of security data that we receive from various sources such as firewalls, switches, endpoints, and other log sources. They help us filter out the noise and extract meaningful insights that lead us to the necessary action points.

In the security industry, there is always room for improvement, and Arctic Wolf ensures that we are continuously updated on areas that require improvement.

They keep us informed about the latest security developments and suggest ways to enhance our security posture. 

It's challenging to identify areas where they could improve as they already do an excellent job of staying up to date with the latest security trends. However, the security landscape is constantly evolving, requiring significant energy and effort to keep pace with.

I can't think of any specific features that they need to add at the moment. As long as they continue to develop new solutions to support different operating systems and technologies, we are satisfied with their service. 

We appreciate the effort they put into adding new features and functionality to their service and believe they are doing a great job in providing us with all the necessary tools and resources to stay secure.

We are in our third year of using Artic Wolf Managed Detection and Response.

It is a Software as a Service (SaaS) that is constantly updated, and there is no versioning since it is the only solution we use.

I would rate the stability of Artice Wolf Managed Detection and Response a nine out of ten.

I would rate the scalability a nine out of ten. I never give anything a ten.

Their solution helps protect our entire company, which includes about 130 employees. However, only three of us directly interact with Arctic Wolf.

Although the IT team may expand in the future, the use of Arctic Wolf's solution is widespread across our company and protects everyone. 

While everyone in the company benefits from the protection it provides, only the three of us directly communicate with Arctic Wolf. 

However, the rest of the company uses the software and the protection without necessarily knowing it.

I would rate the technical support a nine out of ten.

We use both Artic Wolf Managed Detection and Response and Artic Wolf Managed Risk.

I have been using Artic Wolf Managed Risk for a little over a year.

We are working with the latest version.

We offer two products: one specifically designed for managing network security, and the other for providing training to your associates.

The initial setup was very straightforward.

They provided us with a seamless onboarding experience, and their team guided us through the process of setting up both cloud and on-premise equipment. 

They ensured that we had everything set up correctly and even conducted tests to confirm its efficacy. 

Their onboarding team did an excellent job of helping us move the project forward from its initial stages to where we are now in our security journey.

Calculating the return on investment can be challenging in this type of scenario because ideally, you don't want to experience any security incidents that would require the use of the service. It's similar to insurance in that it's something you pay for but hope to never have to use.

I find their pricing to be reasonable and competitive. While it may not be the cheapest option available, it is fair when compared to other solutions in the market.

Arctic Wolf is a partner of ours.

I highly recommend Arctic Wolf if you are searching for a partner to assist you in securing your network and if your company is not large enough to afford a full-time CISO on its own.

I would rate Arctic Wolf Managed Detection and Response a nine out of ten.

We use ArcticWolf as our security operations center (SOC) and managed detect and response (MDR) provider. The primary use case for us was to augment our existing team with additional resources. We did not have the tools or skillsets available, and outsourcing to someone who does makes the most sense. 

Our current environment consists of offices/staff around the globe, a few servers, lots of cloud applications, and devices always on the move. We rely heavily on Office 365 and various communication tools to keep our staff connected.

Before bringing on ArcticWolf, it was a guessing game as to the risks we were actually facing. Everyone knows it's a matter of when - not if. However, you can never be sure how it's going to happen. With a small internal team, you cannot be everywhere. We knew we had to do something. 

Bringing on AW allowed us to:

• Augment our existing staff without having to hire internally
• Gain insight into areas of the environment we didn't have before
• Identify areas for improvement in our processes/cybersecurity
• Add to our toolkit without having to acquire/support the technology (e.g. SIEM)
• Reduced our risk

The most valuable features for our organization and team are:

• System Information and Event Manager (SIEM) - we didn't have to research, select, or implement this unwieldy technology. 
  
• Security Operations Center (SOC) (helps us not to have to hire)
• Having quarterly meetings with the team to review the last 90 days and determine what if any changes need to be made
• Having regular reporting for the various systems that integrate with ArcticWolf systems
• Easily accessible/digestible dashboard that displays all of there pertinent information

While we truly enjoy working with ArcticWolf and have gained peace of mind from doing so, as with anything, there can be some improvements, such as:

• An easier way to audit and act on agents
• You shouldn't have to pay extra to view the logs you're storing (we can raise tickets to have them reviewed. That said, we would like both options without paying extra)
• Quicker responses when questions are asked
• Additional help with digging into alerts to resolve them

I've used the solution for two years.

It's stable. We haven't had any issues. 

The solution will scale as it's up to them to make sure they have the resources available. Keep in mind, since you need resources to "own" this part of your IT, you may need to scale as well (albeit on a much smaller scale).

We haven't had to work with technical support very much (a testament to the product). However, when we have, it's been good, responsive service. 

Positive

We did not have another solution in place. 

It was straightforward to set up. That said, we had someone who knew networking and was diligent in making sure things were done properly. Also, they knew enough to ask the right questions during deployment. 

We handled the setup in-house.

It is hard to calculate the ROI when dealing with most cyber security items as if threats don't get you, you don't really know about them. They've been there when we needed them. As far as I'm concerned, this is money well spent. Plus, we didn't have to go out and get our own SIEM and find someone to manage it. 

They've been pretty reasonable about pricing/licensing. I do advise, like any project, that new companies assign a dedicated resource and make sure to properly plan the deployment. There is a lot to do, and they cannot do it all for you. 

We looked at various SIEM solutions (e.g., Splunk) and a Crowdstrike partner. 

This is not a set-and-forget solution. You do need to make sure to pay attention to alerts and reports, and you will need to adjust things as you go along. They are an extension of your team, not one that stays on an island. 

Having Arctic Wolf sensors and the stand-alone traffic-mirroring appliance within our network provides secure copies of critical logs as well as rapid analysis and response when there is unusual behavior within our network. 

This service is our primary anomaly detection tool. In concert with our endpoint security and our frequent vulnerability scans, Arctic Wolf provides an active review of threat signatures and unexpected events that allows our operations and security team to sleep better at night. 

This service makes answering audits much easier since it covers so many security best practices. Therefore, any of the popular frameworks are covered by this managed detection and response service.

The real-time monitoring is very real-time. We usually get an alert from Arctic Wolf just as someone on our team says 'oops, I locked my admin account' or 'I just created the new admin account on our device'.

The customer service is excellent. They offer very quick responses to active tickets, and we get great responses from the account reps as well. In a world with thousands of startup security vendors offering various flavors of 'AI-enhanced' snake oil, Arctic Wolf provides an obvious security service well. 

The quarterly reviews provide an excellent cadence to help organize our security priorities and help set thresholds to improve our signal/noise ratio, as well as provide a quick overview of the entire threat landscape to our full team. 

The default emailed reports are great for building our audit defense and helping us to meet the requirements of both state and independent auditors. 

The ticketing system is adequate, although the formatting of the auto-generated ticket emails could be updated to a more modern and cleaner style. 

This product is very feature-rich. I would actually be interested in having fewer features at a lower price. The problem is that the active responses require a high level of technical staffing and I expect it's hard to scale that down.

I am also interested in the new features which allow the customer access to the raw log repositories and the analysis tools provided by AW, however, I cannot justify the expense or time of adding those features at this time. Overall it is a very appropriately sized product that does not try to do everything. 

My company has been using this for several years. However, I have only been here using it for one year. 

The solution is very stable. 

It's great for a company our size (~100 employees in total, some on-site IT services, and ~5 network/systems/helpdesk staff). 

Customer support and service are basically what you are paying for. The technical pieces of the solution are great, however, the ticket response and the quarterly reviews are where the real value is. 

Positive

I am not sure if something was used previously as I've only been in this role with this company for one year. 

I wasn't part of the setup. The maintenance and reconfiguration (from in-line to mirrored traffic capture of the hardware device) have been simple and well-supported. 

We would require around 0.75 technical FTE to do the work of this solution, which we could not do for the price. 

In general, it's worth it. If you have any regulatory compliance requirements or other external requirements on your information security approach and you do not have a massive internal team to handle log analysis and similar tasks, this is a great solution. 

I did not choose this solution. I came into the company and this product was already here. I will say that I have removed a number of products from our vendor list during my first year, and have not considered removing Arctic Wolf - despite it being one of our costlier contracts. 

For a company with one sole dedicated cybersecurity professional, Arctic Wolf provides invaluable managed detection and response plus cyber awareness services with a strong focus on customer support.  

I've worked at other companies and have experience dealing with other vendors.  Unlike those other vendors, Arctic Wolf engineers go above and beyond what is expected of them, from generating custom reports to providing guidance on a variety of security issues.  

I know of three other firms who've migrated their managed detection and response from other vendors to Arctic Wolf and are really happy with Arctic Wolf.

Arctic Wolf unburdened me from day-to-day alert monitoring.  

In addition to that, the regularly scheduled quarterly update meetings are invaluable. They provide a good review of events at my firm, provide suggestions for improving security and alert me of the latest trends and attack vectors and how best to mitigate them. This allowed me to focus on building and improving our cyber security program rather than spend my time troubleshooting endless alerts and ticket hunting. Arctic Wolf is also a key pillar in our risk reduction strategy.

Arctic Wolf is laser-focused on providing top-notch customer service. For a company with one dedicated cybersecurity professional, Arctic Wolf provides invaluable managed detection and response plus cyber awareness services. 

They have a strong focus on customer support. I've worked at other companies and have experience dealing with other vendors. Unlike those other vendors, Arctic Wolf engineers go above and beyond what is expected of them, from generating custom reports to providing guidance on various security issues.

Third-party vendor management is an ever-increasing risk vector. We hate sending these out, and we hate when other vendors send them to us. Companies spend a lot of time and effort reaching out to their vendors with time-consuming questionnaires and endless follow-ups. For a small company like ours, it's a challenge dedicating resources to ensure this gets done. It would be great if that burden could be offloaded and/or the whole process of determining vendor risk could be simplified by Arctic Wolf.

I've used the solution for four years.

We previously dealt with Secureworks.

I would advise others to negotiate and don't underestimate the quality of support, especially for smaller teams.

We also evaluated eSentire.

We needed more eyes on the prize and Microsoft performance reporting is severely lacking for security compliance as geo blocking in the firewall can only address a small part of the attack grid. It's nice to know that people and machine learning are monitoring my environment for known assaults and unusual behaviors. 

Being a small business we just can't afford to have a full time security engineer and Arctic Wolf gives us the tools and services the big boys have at a reasonable cost. 

With the playing field always changing, it is nice to know our backs are covered.

We did not have any advanced tools in place for security monitoring. 

Personally, I love having Big Brother (Blue Eyed Wolf?) watching and it is nice to sleep well knowing 24/7 my network is being protected. 

After an easy onboarding, the monitoring started immediately. 

We also run AV on work stations. There was an instance when AWN notified us of a malware download before the end point monitors kicked in. We immediately shut down and reimaged the machine. 

We feel very strongly that we picked the best solution for our organization.

The weekly reports are great. I very much appreciate having a quick review of what occurred over the last seven days. I can't give enough kudos to the folks in the SOC. They are friendly, professional, and always available. Even tickets I put in for educational purposes are responded to quickly, and answers are specific. I enjoy not having to rephrase a question due to a generic response. 

The new dashboard is visually appealing, and I can drill down with just a couple of clicks for details. It offers great, easy navigation.

The service is fabulous. AWN is one vendor I don't mind having to call. It doesn't matter what urgency you put on the ticket - all I have entered have always received fast replies. Also, this solution offers huge peace of mind. I know I can pick up the phone and get a live person and not be trapped in a looping call tree. 

In the future, I would like to see a summary report. One of my bosses is on the distribution, and I spend time every Monday explaining what the reports mean. Graphs are nice visuals and would help communicate what's happening more effectively.

I've used the solution for 15 months. 

The solution is extremely stable. We have not had a single issue with any of the agents.

The solution is very scalable. Our environment is pretty stagnant, however, if I decided to add a server farm, it's just a click, and we pay a little more.

Technical support has been excellent. We haven't had a customer service issue; I have had a few tickets to ask questions, and they have been all handled with high urgency, even if they are not.

Positive

I did not previously use a different solution. I had been asking management and had a budget line item for security services for three years. My request was finally approved.

The setup is straightforward. The documentation was detailed, and the implementation team was available to explain and assist.

The implementation was done with the assistance of a vendor team. I was a bit sad when I was notified that I would be moving from the implementation to the account management team. However, every person I have worked with has been wonderful. 

We've witnessed an ROI after three years on software and five on hardware.

The setup was not hard. The implementation was very straightforward, and the team was knowledgeable and easy to work with. Compared to other vendors, licensing was a dream. The cost comes down to what people think their protection is worth. I have no qualms about approving AWN invoices for payment.

I did evaluate Sophos, Red Canary, Crowdstrike, and several others that only included monitoring without any security services.

I will be required to obtain additional quotes when our term is up. That said,  unless there is a sleeper that will be coming up in the field, I intend to negotiate a renewal.

I was subject to a malware attack and after it took us three full months to fully recover from that, I decided to make sure I was never in that position again.  Arctic Wolf was referred to me by my MSP who I have a long-standing relationship with. It was an excellent suggestion.  

It has improved my security position to where my business is now safe, and I don't have to constantly worry about another attack! That's invaluable to me. 

They have a portal where you can evaluate and mitigate any vulnerabilities that you and your network might have. This is a fantastic tool to help you secure your environment.

The only thing I would say is that if they gave some lessons on some risks and how to help mitigate those risks, that could be helpful. If you are not in the security field, this can be difficult to figure out from time to time.

I have been using Arctic Wolf for almost two years now and couldn't be happier with the service.  

The stability is very, very good. 

The scalability is very, very good. 

I did not have a previous solution. 

The initial setup is more complex than I would have liked. I wish I would have been able to do more myself instead of having outside IT guys do it.  

I had assistance from a vendor team. They were from my MSP so they were excellent. 

The solution provides excellent ROI. 

I'd advise others to weigh the ROI carefully with how much work they will have to do versus what the SOC does. In my case, I run multiple other businesses, so I knew I needed a solution that was more turnkey than most. 

I evaluated a dozen other potential solutions. 

Go with Arctic Wolf - you won't regret it. I just signed on for three more years after only signing for one year, then again for a second single year.  My experience has been so good that I signed up for three full years this time.  

Arctic Wolf monitors all of the traffic through our firewall. It monitors events on each computer in our network using agents. We have detection and as many inputs as we can get, including inputs from our Sophos antivirus and from our duo two-factor authentication. They ingest and process all of those events. If anything looks like it might be a problem, they generate a ticket and we get an email.

We take a look at the ticket and tell them whether it's expected or unexpected, and whether we think it's serious. They also scan our network for critical updates that are missing on the exchange server and issue detailed instructions on how to get the patch and how to execute a workaround if necessary. Arctic Wolf gives very detailed information when they think there's a challenging threat.

Arctic Wolf is our eyes and ears 24/7 because we can't possibly watch all of our alerts. We may see all of these alerts, but our attention is distracted because we're working on other things. We're only working certain hours of the day, and we don't have the staff to look at alerts 24/7.

We get a lot of false alarms, but that's because they don't know our network in detail. I think that could be alleviated if we told them more about our network so they could create rules to skip some of those things. For instance, we've had alerts that people are coming onto the VPN from outside of Canada. If we told them that someone is going outside of Canada ahead of time, then they wouldn't alert us about it.

Our internal alerting systems generate 10 times as many false alerts, so they're actually doing pretty well.

It's very stable.

There are a couple of appliances that need to be used. It's somewhat challenging to set up because you need a special configuration in the network switches, which the firewalls are connected to.

I would rate this solution as nine out of ten. 

It's a good product. It covers us 24/7. It doesn't have nearly as many false alarms as our own internal alerting systems because they're weeding a lot of things out. There's a lot of proactive help if something important needs to be updated or if  there are workarounds that need to be applied.

We use the tool for managed detection and response. 

The tool's most valuable feature is its ease of implementation. 

Arctic Wolf Managed Detection and Response's analysis and remediation parts could be improved. It's not bad, but it needs improvement. 

I have been working with the product for eight months. 

I rate Arctic Wolf Managed Detection and Response's stability a nine out of ten. 

I rate the tool's scalability a ten out of ten. My company has around 450 users who use it 24/7. 

We were using a product from a local Danish vendor. We switched to Arctic Wolf Managed Detection and Response for cost and capabilities. It  offered more features and better support, including superior threat intelligence feeds. 

I rate the tool's deployment an eight out of ten, which took nine weeks to complete with two resources. Operational maintenance is relatively minimal and very easy to manage. However, functional maintenance requires a skilled resource like me. The extent of personnel needed depends on the size of the organization. As the organization is not very large, I can handle it independently in my current role. However, I anticipate needing at least five or six people for maintenance tasks in a larger company, such as my previous role. The resource requirement aligns with the company's size.

We did Arctic Wolf Managed Detection and Response's deployment in-house. 

I rate the tool's pricing a nine out of ten. 

Before choosing a security solution, it's crucial to conduct thorough due diligence. Consider factors such as the vendor's approach, strategy, and compliance with data protection regulations like GDPR. Assess the vendor's data centers, their capabilities for shifting data around in case of issues, and their approach to DLP (Data Loss Prevention) detection. Evaluate whether the services offered align with your company's strategy and needs.

Review the different agreements provided by the vendor, including Managed Detection and Response, vulnerability management, and incident response features. Check if your existing cyber insurance can be utilized to cover expenses in case of a breach. Consider whether your organization requires services like vulnerability management and incident response, and choose accordingly.

I rate the product a ten out of ten.