Massive Market NeedĮnding cyber risk is an audacious goal. He says he recognized the need for similar protection for smaller companies that lack the budget to provide comprehensive security on their own.Īrctic Wolf has $27.2 million in venture funding, and claims more than 100 customers.Adams Street is excited to announce our follow-on investment in Arctic Wolf, a SaaS-based security operations platform that allows businesses of all sizes to dramatically improve their security posture without adding costly cybersecurity professionals. It also runs a SOC in Sunnyvale, Calif.īefore starting Arctic Wolf, NeSmith was CEO of enterprise security firm Blue Coat that had Fortune 500 clients. The company runs a security operations center in Waterloo, Canada, because it’s home to the University of Waterloo, where qualified tech graduates provide a reliable pool of prospective employees.
#Arctic wolf networks install#
He says on-site SIEMs take months to get configured and working, and require a lot of tuning in order to function properly.ĪWN Cyber-Soc is a SIEM service the company hosts in the Amazon Web Services cloud.Ĭustomers install a sensor appliance on the network exit point that collects HTTP and DNS. The company claims customers can be up and running in less than an hour, and that’s “unheard of,” Monahan says, but the reason is it can offer the month-by-month contracts. “The scope of the engagement here is undoubtedly less than you would get from a FireEye Mandiant team but you also aren’t paying anything near that level of cost,” Monahan says. Rolled up into the monthly fee is threat intelligence analysis, vulnerability assessment, and security architecture and design services, says Monahan, as well as incident response services.
UPDATE: From Arctic Wolf, "Pricing for the service is based on the number of employees, servers and locations and starts at $5,000 per month for an annual contract." The price is $3 to $7 per employee per month for the service, the company says, which might be attractive to mid-size companies that don’t have the resources to provide the same coverage in-house. Cost is a big factor in making the service attractive, Monahan says. The company is trying to make the service more attractive by requiring just month-to-month commitments from customers and charging no installation fee. AWN Cyber-SOC can take in feeds from customers’ existing security gear and sort through them as well with the same goal in mind. NeSmith says the AWN Cyber-SOC service typically flags as few as one incident every few weeks from among thousands of detected events, drastically reducing the number of events to follow up with. “Since people make mistakes, let’s say 99% of false positives are isolated and removed before being passed on to the customer as an alert.” “They claim zero false positives because of the human analyst attention prior to alerting the customers,” says David Monahan, an analyst with Enterprise Management Associates.
INSIDER: Traditional anti-virus is dead: Long live the new and improved AV
The engineers also recommend tweaks to other security devices such as antivirus and firewalls in order to tighten up defenses. He says each customer is assigned to a particular engineer, so that person will develop an understanding over time of that customer’s unique challenges. The SIEM is backed by a staff of about 20 security engineers who keep an eye on the anomalies identified by the platform and sort out those that are security events worthy of on-site investigation by customers’ own security techs, says said Brian NeSmith, Arctic Wolf co-founder and CEO. The company is four years old but just last year started serving up its service – AWN Cyber-SOC - that quickly analyzes security data from a range of other security devices. The company is offering a security service made up of its home-grown SIEM in the cloud backed by security engineers who filter out the security-event noise and trigger alerts only when they come across incidents actually worth investigating further. Arctic Wolf Networks is trying to address the problem many security techs have of receiving too many false-positive incident alerts to respond to effectively.
0 kommentar(er)
