Amazon Web Services (AWS) announced that Arctic Wolf Networks has selected AWS as its primary cloud provider to power the company’s cloud-native security operations platform. Arctic Wolf is one of the leading cybersecurity technology innovators in the world. The company provides turnkey, managed threat detection and response, risk management, cloud monitoring, and security training and awareness services to organizations.
The company’s hybrid approach to security combines the scale, speed, and processing power of cloud-based automation with the experience of trained security experts to transform how organizations protect themselves. Using AWS’s unmatched portfolio of cloud capabilities, including containers, serverless, analytics, database, compute, and storage, Arctic Wolf can cost-effectively process more than 1.4 trillion unique security events a week from its global and fast-growing customer base. In addition, Arctic Wolf plans to leverage AWS’s proven global infrastructure to continue to expand its operations across Europe, the Asia-Pacific region, and beyond.
Under the traditional cybersecurity model, companies typically relegate security to IT teams that rely on disparate technology solutions in an attempt to keep up with rapidly evolving threats. These systems can flood IT teams with security notifications, making it hard to differentiate between meaningful threats and noise and leaving organizations vulnerable to attack. In contrast, Arctic Wolf’s approach uses AWS to power and deliver its cloud-native Arctic Wolf Platform, which is remotely managed by Arctic Wolf’s “Concierge Security Team” (CST) in the cloud.
The platform collects, enriches, and analyzes security data at scale and flags the CST when a potential threat requires additional scrutiny. The CST, in turn, alerts a customer only after they have validated a security incident and can provide recommended response options. In July 2021, Arctic Wolf used AWS to process and analyze more than 200 billion security events per day, including threats such as viruses, ransomware attacks, and compromised websites.
Arctic Wolf uses the breadth and depth of AWS services to elastically scale their offerings and meet global customer demand with low latency. The company typically runs more than 60,000 containers on Amazon Elastic Container Service (Amazon ECS) and Amazon Elastic Kubernetes Service (Amazon EKS) to provide its detection services. AWS Auto Scaling provides the elasticity and availability required to handle peak loads and events such as zero-day security incidents that often affect multiple customers over different geographical regions.
When Arctic Wolf registers a security observation as suspicious activity, their CST leverages AWS Lambda (AWS’s serverless compute service that lets customers run code without provisioning or managing servers) to trigger further automated analysis, review the findings, and validate threats before escalating to the customer. The company also uses AWS’s managed database services, including Amazon DynamoDB and Amazon Relational Database Service (Amazon RDS), to process security observation data at scale, looking for outliers or unexpected patterns of activity that could indicate potential threats. Arctic Wolf then automatically references that data against historical activity and serves the analysis to their CST to evaluate in the context of emerging threats.
“As repeatedly demonstrated by recent ransomware incidents, the digital threat landscape continues to evolve, with attack surfaces that include consumer devices and public infrastructure that connects to corporate networks. Organizations and consumers alike feel the impact when data and personal information falls into the wrong hands, yet businesses can easily become overwhelmed trying to manage security alerts on their own. Arctic Wolf combines the best of technology and human intelligence to help our customers stay ahead of threats. Our hybrid security approach powered by AWS is enabling more organizations around the world to innovate with the confidence that their systems and data are secure,” said Nick Schneider, CEO, Arctic Wolf.
“AWS’s proven performance and security, global reach, and breadth of services, as well as the agility we gain by running in the cloud, are critical to achieving our mission to end cyber risk. The Arctic Wolf Platform was born in the cloud, and we look forward to continuing our work with AWS as a customer and a partner to help organizations across industries protect themselves and those they serve.”
Moving forward, Arctic Wolf will use AWS’s proven global infrastructure to expand their managed services quickly and cost effectively. Running on AWS, Arctic Wolf can replicate its IT architecture in additional AWS Regions in a matter of weeks rather than construct new data centers. The company recently announced plans to launch their first European security operations center by the end of 2021, which will be located in Germany and use the AWS Europe (Frankfurt) Region.
Arctic Wolf is an ISV Partner in the AWS Partner Network (APN) and an AWS Level 1 Managed Security Service Provider (MSSP), a new designation that AWS announced this week. It means Arctic Wolf is a cybersecurity business that has met or exceeded 10 managed security service specializations that protect and monitor essential AWS resources, are delivered as a 24/7 fully managed service, and span vulnerability management, cloud security best practices and compliance, threat detection and response, network security, host and endpoint security, and application security. In addition, through an expanding technical relationship, Arctic Wolf and AWS are committed to better integrating their security services to keep joint customers secure from advanced attacks.
“The cloud-native nature of Arctic Wolf’s comprehensive security operations platform, coupled with the performance and reliability of AWS, gives us the agility and broad visibility we need in an ever-expanding cyber threat environment,” said Bill Berzinskas, Director of Reliability and Security at Teamworks, a customer of Arctic Wolf. “We’re scaling our SaaS platform from a simple web application to a mature business with hundreds of thousands of users, and the security operations approach pioneered by Arctic Wolf and powered by AWS gives us the confidence and security posture we need to grow our business.”
“Arctic Wolf is elevating security operations to help organizations of all sizes reliably and cost-effectively protect themselves in a constantly shifting threat landscape. AWS makes it possible for Arctic Wolf to expand their service to benefit customers around the world and rapidly adapt to emerging threats,” said Stephen Schmidt, Vice President of Security Engineering and Chief Information Security Officer, Amazon Web Services, Inc. “By running on AWS, Arctic Wolf has the performance, elasticity, breadth of services, and go-to-market support they need to keep their customers safe and scale with demand. We’re delighted to deepen our collaboration and congratulate them on their managed cloud security capabilities and distinction of AWS Level 1 MSSP Competency.”