Arctic Wolf Managed Detection and Response Reviews

We have implemented ActiveWolf due to its more hands-off approach, suitable for our small IT team without dedicated security specialists.

The solution works well for our team as it offers a hands-off approach, which we need. The pricing is okay and comparable to other solutions. We value the hands-off approach as we don't have our own security team. We have monthly meetings with them, where they help us secure parts of our network, which is valuable to us.

The only frustrating aspect is the lack of support for Windows on ARM devices. We cannot fully secure these devices until they release an updated version of their agent software.

I've used the solution for just over a year.

There is not much downtime, however, they are sometimes a bit slow in responding with more information when an issue is flagged.

They are quite responsive overall. We have monthly meetings where they help us with network security. However, their response can be slow when we ask for more information.

Positive

It took us about three to four weeks to bring it live as we had to ship the sensors to different sites. It probably took a month to be fully up to speed, but that was fine because we needed to onboard it anyway.

The pricing is okay and comparable to other solutions, with competitive pricing obtained for most options. We value the ease of use and hands-off approach.

We looked at the Microsoft service and another solution, however, I can't remember the name of the latter.

I rate the overall solution nine out of ten.

In my company, we have our own internal MDR as well. I am a salesperson, so I don't use the tool by myself.

I moved from telecom to IT earlier this year. I am very new to the tool, but it sounds great. For our company's clients, the tool increases visibility over the network. Arctic Wolf Managed Detection and Response plugs well into everything. Being able to have that sort of real-time, twenty-four-by-seven help desk that watches over your network and all your devices in case there is some attack or breach that it can contain is helpful.

Having or hiring someone locally to do all those things that Active Wolf and their team does would cost so much more for businesses. The tool definitely saves money for our company's customers. I think the tool saves time because the customers do not do much work, like doing certain things manually and going through logs.

The solution's most valuable feature is the certainty that someone is watching it, and that is the one key thing that I love about the product. Apart from the tool's own local team, somebody is always watching the tool and reducing any risks. The awareness training and all that stuff are good because Arctic Wolf Managed Detection and Response does it all by building such areas.

I have heard that the tool doesn't go right to the endpoints. With CrowdStrike, I don't think that it is a bad thing anymore.

I have years of experience with Arctic Wolf Managed Detection and Response. As a salesperson, I am meant to sell it.

I think the technical support for the solution is pretty good. I think it is all about setting expectations with your customers. Arctic Wolf is a global company, so you have to make sure that the customer knows that support will take as per whatever is mentioned in the SLA, which can take three days or whatever. I haven't heard any complaints from my customers about the tool's support team, but nobody is perfect. I rate the technical support an eight out of ten.

Positive

Considering the number of activities that customers have to indulge in, especially with the increase in attacks in New Zealand, I can say that the tool helps save a time frame of seven days.

Speaking about the product's integration capabilities, I feel that I am probably not experienced enough to talk about it. Arctic Wolf Managed Detection and Response is still quite immature compared to other providers in the market. The tool sort of integrates with a few products, but it doesn't integrate with everything.

The AI-driven tool helps improve detection and response capabilities, but human beings also manage it. You need the best of both worlds because AI can't do everything. One can still get false positives with the tool, so you need a human being. You also need AI to protect yourself against attacks.

I probably haven't had enough experience to give a proper opinion, but with my experience this year, I think it is pretty good for its current market. It plays in both corporate and medium-sized companies and corporate-level businesses. The tool is not meant for an enterprise-sized business since there are other tools like CrowdStrike and Splunk, along with more mature solutions.

I rate the tool an eight out of ten.

For anyone with an IT footprint in today's cybersecurity-aware landscape, considering solutions like Arctic Wolf (MDR is vital. It is not just for giants like banks; it is particularly valuable for smaller and mid-sized businesses without a dedicated cybersecurity team. When your IT environment surpasses about 50 users, that is when the real need for MDR arises. At that point, you start generating substantial security data, and MDR allows you to tap into expert skills to protect your organization effectively.

The most valuable aspect of this solution, both for me and my clients, is the managed detection and response component, which is a core feature of the service. However, what sets it apart is the "concierge security team" that provides customers with two dedicated resources for proactive security management. This personalized support, in addition to the 24/7 SOC service, is a significant added benefit.

In terms of areas for improvement, Arctic Wolf has been responsive to client feedback. They have addressed issues such as the lack of data exploration tools in the past by implementing solutions that enable clients to better understand the platform's actions. However, to further enhance the service, more integrations with various security tools to improve data ingestion would be beneficial. It is worth noting that I haven't received any negative feedback from clients, so there aren't any specific issues they are unhappy with at the moment.

I have been a reseller of Arctic Wolf Managed Detection and Response for over a year.

The stability of this solution is robust. It is not a physical product but rather a service, so it doesn't have the potential to go down like a tool or device might. Agents and sensors deployed have failover mechanisms in place to ensure continuous monitoring. 24/7 services are reliable and uninterrupted. In that sense, it is highly stable, given its service-oriented nature.

The scalability of this solution is great. It offers user-based licensing, so if there is an increase in the number of IT users, it can easily scale accordingly. In contrast to other solutions that base pricing on data ingestion, which can be challenging as data grows, user count tends to be more predictable, making this model highly scalable. Arctic Wolf is flexible and works with clients to ensure smooth scaling. Our clients for this solution come from a range of business sizes, primarily focusing on small and medium-sized enterprises. We generally don't cater to large enterprises, but instead, our clients typically fall within the medium-sized category, with user counts ranging from 50 to around 3,000.

Our experience with technical support from Arctic Wolf is mostly handled by the Octopus technical team, who manage support as the reseller. As a result, our role in providing technical support is limited. The concierge security team, a part of the managed detection and response solution, actively engages with clients to offer technical support, identify vulnerabilities, and conduct proactive threat hunting. This means we are less involved in the technical support aspects of the solution. I would rate Arctic Wolf's technical support as a nine out of ten. Their 24/7 availability of highly skilled security engineers who are responsive to phone calls and emails is a significant strength, with room for minor improvements but very effective overall.

Positive

In terms of the initial setup, our involvement is limited as Octopus Deploy handles it directly with the client for compliance and confidentiality reasons. However, the feedback we have received about the setup process has been remarkably positive. It is described as a quick and relatively painless process, typically taking around 30 to 40 days. Even for clients in South Africa, the shipment of sensors and equipment arrives within a month, which speaks to the efficiency of the setup. The choice between cloud or on-premises deployment depends on the client's preference. The solution offers virtual and on-premises sensor deployment options. The setup process is streamlined, with an off-site team collaborating with the client's team. The Security Operations Center is in Germany and works closely with clients for efficient implementation. Clients often install the sensors themselves, and the process is straightforward, making implementation easy.

Arctic Wolf's pricing seems reasonable for the value it offers, and I would rate it at a six out of ten. It is not a low-cost solution, but it provides good value for the investment.

Given the absence of complaints from our customers regarding the solution, I would rate Arctic Wolf MDR very highly, perhaps a ten out of ten. It seems to meet our clients' needs effectively.

We use the solution for SOC and SIEM.

The product has helped me eliminate the workload on my security team.

The product provides integrations with several different SaaS applications.

The implementation process could be a little more streamlined.

I have been using the solution for nine months. It is a SaaS-based service.

I rate the tool’s stability an eight or nine out of ten. I haven’t had any issues with the platform.

I rate the tool’s scalability an eight or nine out of ten. It is pretty easy to scale it.

The service team is responsive.

Positive

The deployment process is not highly complex but could be more streamlined and transparent.

I am beginning to see the return on investment because the tool saves me resources. On average, we get a 50% return on investment. We can't completely do away with your SOC team. However, I don't have to hire more people as I scale up. The solution’s service runs 24/7. It definitely takes a load off of me. I do not need a team 24/7.

The pricing is fair. It is not necessarily the most cost-effective, but it is not the worst.

We evaluated Red Canary and Rapid7. We chose Arctic Wolf because of its pricing and capabilities.

The industry chooses tools that have EDR. People should strongly consider buying the product. Overall, I rate the tool a seven out of ten.

They function as our CISO, providing guidance and assistance in establishing our security practices as our Chief Security Officer.

They have been instrumental in setting up our security response, managing our firewalls, switches, cloud environments, and endpoints, and guiding us to ensure our users' safety with login and other security practices. Their expertise and support make them a valuable resource for all things related to security.

We can effectively manage the massive amounts of security data that we receive from various sources such as firewalls, switches, endpoints, and other log sources. They help us filter out the noise and extract meaningful insights that lead us to the necessary action points.

In the security industry, there is always room for improvement, and Arctic Wolf ensures that we are continuously updated on areas that require improvement.

They keep us informed about the latest security developments and suggest ways to enhance our security posture. 

It's challenging to identify areas where they could improve as they already do an excellent job of staying up to date with the latest security trends. However, the security landscape is constantly evolving, requiring significant energy and effort to keep pace with.

I can't think of any specific features that they need to add at the moment. As long as they continue to develop new solutions to support different operating systems and technologies, we are satisfied with their service. 

We appreciate the effort they put into adding new features and functionality to their service and believe they are doing a great job in providing us with all the necessary tools and resources to stay secure.

We are in our third year of using Artic Wolf Managed Detection and Response.

It is a Software as a Service (SaaS) that is constantly updated, and there is no versioning since it is the only solution we use.

I would rate the stability of Artice Wolf Managed Detection and Response a nine out of ten.

I would rate the scalability a nine out of ten. I never give anything a ten.

Their solution helps protect our entire company, which includes about 130 employees. However, only three of us directly interact with Arctic Wolf.

Although the IT team may expand in the future, the use of Arctic Wolf's solution is widespread across our company and protects everyone. 

While everyone in the company benefits from the protection it provides, only the three of us directly communicate with Arctic Wolf. 

However, the rest of the company uses the software and the protection without necessarily knowing it.

I would rate the technical support a nine out of ten.

We use both Artic Wolf Managed Detection and Response and Artic Wolf Managed Risk.

I have been using Artic Wolf Managed Risk for a little over a year.

We are working with the latest version.

We offer two products: one specifically designed for managing network security, and the other for providing training to your associates.

The initial setup was very straightforward.

They provided us with a seamless onboarding experience, and their team guided us through the process of setting up both cloud and on-premise equipment. 

They ensured that we had everything set up correctly and even conducted tests to confirm its efficacy. 

Their onboarding team did an excellent job of helping us move the project forward from its initial stages to where we are now in our security journey.

Calculating the return on investment can be challenging in this type of scenario because ideally, you don't want to experience any security incidents that would require the use of the service. It's similar to insurance in that it's something you pay for but hope to never have to use.

I find their pricing to be reasonable and competitive. While it may not be the cheapest option available, it is fair when compared to other solutions in the market.

Arctic Wolf is a partner of ours.

I highly recommend Arctic Wolf if you are searching for a partner to assist you in securing your network and if your company is not large enough to afford a full-time CISO on its own.

I would rate Arctic Wolf Managed Detection and Response a nine out of ten.

We use ArcticWolf as our security operations center (SOC) and managed detect and response (MDR) provider. The primary use case for us was to augment our existing team with additional resources. We did not have the tools or skillsets available, and outsourcing to someone who does makes the most sense. 

Our current environment consists of offices/staff around the globe, a few servers, lots of cloud applications, and devices always on the move. We rely heavily on Office 365 and various communication tools to keep our staff connected.

Before bringing on ArcticWolf, it was a guessing game as to the risks we were actually facing. Everyone knows it's a matter of when - not if. However, you can never be sure how it's going to happen. With a small internal team, you cannot be everywhere. We knew we had to do something. 

Bringing on AW allowed us to:

• Augment our existing staff without having to hire internally
• Gain insight into areas of the environment we didn't have before
• Identify areas for improvement in our processes/cybersecurity
• Add to our toolkit without having to acquire/support the technology (e.g. SIEM)
• Reduced our risk

The most valuable features for our organization and team are:

• System Information and Event Manager (SIEM) - we didn't have to research, select, or implement this unwieldy technology. 
  
• Security Operations Center (SOC) (helps us not to have to hire)
• Having quarterly meetings with the team to review the last 90 days and determine what if any changes need to be made
• Having regular reporting for the various systems that integrate with ArcticWolf systems
• Easily accessible/digestible dashboard that displays all of there pertinent information

While we truly enjoy working with ArcticWolf and have gained peace of mind from doing so, as with anything, there can be some improvements, such as:

• An easier way to audit and act on agents
• You shouldn't have to pay extra to view the logs you're storing (we can raise tickets to have them reviewed. That said, we would like both options without paying extra)
• Quicker responses when questions are asked
• Additional help with digging into alerts to resolve them

I've used the solution for two years.

It's stable. We haven't had any issues. 

The solution will scale as it's up to them to make sure they have the resources available. Keep in mind, since you need resources to "own" this part of your IT, you may need to scale as well (albeit on a much smaller scale).

We haven't had to work with technical support very much (a testament to the product). However, when we have, it's been good, responsive service. 

Positive

We did not have another solution in place. 

It was straightforward to set up. That said, we had someone who knew networking and was diligent in making sure things were done properly. Also, they knew enough to ask the right questions during deployment. 

We handled the setup in-house.

It is hard to calculate the ROI when dealing with most cyber security items as if threats don't get you, you don't really know about them. They've been there when we needed them. As far as I'm concerned, this is money well spent. Plus, we didn't have to go out and get our own SIEM and find someone to manage it. 

They've been pretty reasonable about pricing/licensing. I do advise, like any project, that new companies assign a dedicated resource and make sure to properly plan the deployment. There is a lot to do, and they cannot do it all for you. 

We looked at various SIEM solutions (e.g., Splunk) and a Crowdstrike partner. 

This is not a set-and-forget solution. You do need to make sure to pay attention to alerts and reports, and you will need to adjust things as you go along. They are an extension of your team, not one that stays on an island. 

For a company with one sole dedicated cybersecurity professional, Arctic Wolf provides invaluable managed detection and response plus cyber awareness services with a strong focus on customer support.  

I've worked at other companies and have experience dealing with other vendors.  Unlike those other vendors, Arctic Wolf engineers go above and beyond what is expected of them, from generating custom reports to providing guidance on a variety of security issues.  

I know of three other firms who've migrated their managed detection and response from other vendors to Arctic Wolf and are really happy with Arctic Wolf.

Arctic Wolf unburdened me from day-to-day alert monitoring.  

In addition to that, the regularly scheduled quarterly update meetings are invaluable. They provide a good review of events at my firm, provide suggestions for improving security and alert me of the latest trends and attack vectors and how best to mitigate them. This allowed me to focus on building and improving our cyber security program rather than spend my time troubleshooting endless alerts and ticket hunting. Arctic Wolf is also a key pillar in our risk reduction strategy.

Arctic Wolf is laser-focused on providing top-notch customer service. For a company with one dedicated cybersecurity professional, Arctic Wolf provides invaluable managed detection and response plus cyber awareness services. 

They have a strong focus on customer support. I've worked at other companies and have experience dealing with other vendors. Unlike those other vendors, Arctic Wolf engineers go above and beyond what is expected of them, from generating custom reports to providing guidance on various security issues.

Third-party vendor management is an ever-increasing risk vector. We hate sending these out, and we hate when other vendors send them to us. Companies spend a lot of time and effort reaching out to their vendors with time-consuming questionnaires and endless follow-ups. For a small company like ours, it's a challenge dedicating resources to ensure this gets done. It would be great if that burden could be offloaded and/or the whole process of determining vendor risk could be simplified by Arctic Wolf.

I've used the solution for four years.

We previously dealt with Secureworks.

I would advise others to negotiate and don't underestimate the quality of support, especially for smaller teams.

We also evaluated eSentire.

We partnered with Arctic Wolf to provide us with 24/7 monitoring of our mixed environment organization. 

Arctic Wolf provides coverage for our cloud servers and services, and remote workforce endpoints. 

As a relatively small organization with a lean IT staff, we do not have the bandwidth to dedicate ourselves to security 24/7. While our team is security aware, it is not the daily responsibility of any of our team members. We realized we needed a partner that could provide SOC services for our wide-ranging data sources.

Arctic Wolf's insight into our environment and notification when something needs our review are key. The Security Concierge Team (along with the rest of the AW team) truly are teammates and allow us to be more security conscious without the expense of adding more internal staff. 

Our prior security vendor added little to no value to our organization. The extent of the relationship was monthly reports that we emailed and tended to be inaccurate. Arctic Wolf absolutely provides value on a regular basis with useful reports and actionable recommendations.

The visibility into our endpoints is huge. 

The data collected is provided in a view that is understandable and approachable. 

The quarterly review with our account manager and Concierge Security Team provides good information and also provides a nice overview of the Arctic Wolf roadmap. 

The Security Bulletins that Arctic Wolf provides when there is a new threat or zero-day vulnerability are extremely helpful. They explain the issue and provide understandable recommendations with actionable steps.

While it isn't a regular occurrence, there have been some gaps in response to some support questions. Questions get answered, yet there are times it takes longer than I'm comfortable with. Having worked in growing organizations, I realize this is likely to staff training/onboarding. Ultimately, my issues are addressed and resolved. Regarding additional features, I'd like to see further refinement of the dashboards. We subscribe to additional services, and the look and feel vary amongst the solutions.

I've used the solution 3+ years.

We have had very few outages or issues related to stability in the time we've been a customer.

Our footprint is relatively small, however, it appears to scale well.

Technical support is very good trending towards excellent.

Positive

We switched from Alert Logic. We didn't find value in the service provided.

Onboarding was straightforward, and the support team was able to address any questions or issues with had during the process in a timely fashion.

We handled the initial setup in-house.

Our ROI is good and certainly better than with our prior vendor.

Costs are relatively transparent. Setup/onboarding is project-driven and the team responsible for that is good. The account management/sales team understands the licensing model well and provides good recommendations for your needs.

We evaluated Alert Logic's new offering and decided against it based on the cost and prior experience.