Arctic Wolf announced this week that it was expanding its security operations cloud to Frankfurt, Germany. The company has been best known for pioneering the SOC-as-a-Service concept, but has fine-tuned its efforts to leverage artificial intelligence and machine learning to deliver customized threat intelligence to customers.
We caught up with Nick Schneider, the company’s new president and CEO, to talk about Arctic Wolf’s plans for the future and how its cloud-based model, built on an open XDR architecture, will solve "alert fatigue" for security organizations.
What are the gaps in cloud security that the Arctic Wolf Security Operations Cloud looks to solve?
Schneider: The Arctic Wolf Security Operations Cloud addresses gaps in more than just cloud security; it unifies an organization’s security data across all threat surfaces. Where every other aspect of business has a definitive platform delivering the authoritative source of truth — think Salesforce, ServiceNow, and Workday — IT and cybersecurity are failing because of the lack of a system of record. We believe the Arctic Wolf Security Operations Cloud solves this problem by delivering critical security operations outcomes across the whole security operations framework. An important component of this is our concierge delivery model, which offers each of our customers a custom-curated experience that ensures they get the data and protection they need exactly when they need it.
When Arctic Wolf came out, it marketed itself as SOC-as-a-Service. How is the company positioning itself now that it has made numerous acquisitions over the past few years? In the end, are you mainly a modern-day MSSP? What makes you different?
Schneider: Arctic Wolf has focused on the operational approach to cybersecurity since our founding. Our platform was built from day one on a cloud-native architecture that seamlessly ingests data from endpoint, network, identity, and cloud sources to deliver automated threat detection and response at scale. MSSPs have a well-deserved reputation as alert factories, and legacy tool vendors are only now starting to launch solutions that integrate data from multiple attack surfaces. We believe the security outcomes we deliver differentiate us drastically from MSSPs and other legacy solutions because Arctic Wolf’s Security Operations Cloud ensures only verified security incidents are escalated to customers. With Arctic Wolf, a typical customer receives only one or two tickets a week, which effectively eliminates alert fatigue, and ensures internal security resources have the time needed to focus on hardening their overall security posture. When our customers receive an alert, they know it has been analyzed by our machine learning engine and verified by one of our analysts before the customer receives it. So our customers know that if they receive an alert from Arctic Wolf, it’s an issue they really should take a close look at.
What are examples of the types of companies that can take advantage of your services? How is this approach useful for small companies versus large companies?
Schneider: Effective security operations isn’t solely a tools problem for large organizations, or a staffing problem for small companies: It’s an operational problem for everybody, and the vast majority of companies do not have holistic security operations today. Arctic Wolf’s universal and unlimited approach to data ingestion allows security and IT leaders, no matter the size of their business, to keep the tools they have in place to gain visibility and control over what has been historically disparate data.