In terms of areas for improvement, Arctic Wolf has been responsive to client feedback. They have addressed issues such as the lack of data exploration tools in the past by implementing solutions that enable clients to better understand the platform's actions. However, to further enhance the service, more integrations with various security tools to improve data ingestion would be beneficial. It is worth noting that I haven't received any negative feedback from clients, so there aren't any specific issues they are unhappy with at the moment.
Vice President of Technology at Hallmark Building Supplies, Inc.
Real User
Top 20
2023-03-22T21:19:36Z
Mar 22, 2023
In the security industry, there is always room for improvement, and Arctic Wolf ensures that we are continuously updated on areas that require improvement. They keep us informed about the latest security developments and suggest ways to enhance our security posture. It's challenging to identify areas where they could improve as they already do an excellent job of staying up to date with the latest security trends. However, the security landscape is constantly evolving, requiring significant energy and effort to keep pace with. I can't think of any specific features that they need to add at the moment. As long as they continue to develop new solutions to support different operating systems and technologies, we are satisfied with their service. We appreciate the effort they put into adding new features and functionality to their service and believe they are doing a great job in providing us with all the necessary tools and resources to stay secure.
Learn what your peers think about Arctic Wolf Managed Detection and Response. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
Director, IT Systems and Security at Union Mutual Fire Insurance Company
User
Top 20
2023-03-10T14:17:00Z
Mar 10, 2023
This product is very feature-rich. I would actually be interested in having fewer features at a lower price. The problem is that the active responses require a high level of technical staffing and I expect it's hard to scale that down. I am also interested in the new features which allow the customer access to the raw log repositories and the analysis tools provided by AW, however, I cannot justify the expense or time of adding those features at this time. Overall it is a very appropriately sized product that does not try to do everything.
The only thing I would say is that if they gave some lessons on some risks and how to help mitigate those risks, that could be helpful. If you are not in the security field, this can be difficult to figure out from time to time.
Senior IT Analyst at a insurance company with 51-200 employees
Real User
Top 5
2023-01-26T17:53:13Z
Jan 26, 2023
We get a lot of false alarms, but that's because they don't know our network in detail. I think that could be alleviated if we told them more about our network so they could create rules to skip some of those things. For instance, we've had alerts that people are coming onto the VPN from outside of Canada. If we told them that someone is going outside of Canada ahead of time, then they wouldn't alert us about it. Our internal alerting systems generate 10 times as many false alerts, so they're actually doing pretty well.
We don't have many customers who complain about Arctic Wolf AWN CyberSOC. However, their new licensing model has room for improvement because of the limited user SKU. Many users do not necessarily use telemetry so they should not be charged for it. I would like to see them build the ability to co-sell an EDR platform, manage an EDR or manage the actual response, potentially from the issues that are coming up from the security risks.
Network Security Administrator at a non-profit with 51-200 employees
Real User
2022-01-24T14:47:21Z
Jan 24, 2022
They could probably expand on their integration tools. They can integrate with more security tools. They can expand their Linux flavors. I believe they only have Ubuntu and one more flavor.
I think the response time could be improved. It can sometimes take up to an hour to get notification of a problem and that's a long time. We currently report to users directly from our own dashboard. It would be helpful if they'd include a feature that would go directly to reports which would reduce the time between detection and communicating to industry partners.
Built on the industry’s only cloud-native platform to deliver security operations as a concierge service, the Arctic Wolf® Managed Detection and Response (MDR) solution eliminates alert fatigue and false positives to promote a faster response with detection and response capabilities tailored to the specific needs of your organization. Your Arctic Wolf Concierge Security® Team (CST) works directly with you to perform threat hunting, incident response, and guided remediation, while also...
I have heard that the tool doesn't go right to the endpoints. With CrowdStrike, I don't think that it is a bad thing anymore.
It will be helpful if the dashboard is more granular. The vendor must allow us to see what they see on their end.
Arctic Wolf Managed Detection and Response's analysis and remediation parts could be improved. It's not bad, but it needs improvement.
The implementation process could be a little more streamlined.
In terms of areas for improvement, Arctic Wolf has been responsive to client feedback. They have addressed issues such as the lack of data exploration tools in the past by implementing solutions that enable clients to better understand the platform's actions. However, to further enhance the service, more integrations with various security tools to improve data ingestion would be beneficial. It is worth noting that I haven't received any negative feedback from clients, so there aren't any specific issues they are unhappy with at the moment.
In the security industry, there is always room for improvement, and Arctic Wolf ensures that we are continuously updated on areas that require improvement. They keep us informed about the latest security developments and suggest ways to enhance our security posture. It's challenging to identify areas where they could improve as they already do an excellent job of staying up to date with the latest security trends. However, the security landscape is constantly evolving, requiring significant energy and effort to keep pace with. I can't think of any specific features that they need to add at the moment. As long as they continue to develop new solutions to support different operating systems and technologies, we are satisfied with their service. We appreciate the effort they put into adding new features and functionality to their service and believe they are doing a great job in providing us with all the necessary tools and resources to stay secure.
This product is very feature-rich. I would actually be interested in having fewer features at a lower price. The problem is that the active responses require a high level of technical staffing and I expect it's hard to scale that down. I am also interested in the new features which allow the customer access to the raw log repositories and the analysis tools provided by AW, however, I cannot justify the expense or time of adding those features at this time. Overall it is a very appropriately sized product that does not try to do everything.
The only thing I would say is that if they gave some lessons on some risks and how to help mitigate those risks, that could be helpful. If you are not in the security field, this can be difficult to figure out from time to time.
We get a lot of false alarms, but that's because they don't know our network in detail. I think that could be alleviated if we told them more about our network so they could create rules to skip some of those things. For instance, we've had alerts that people are coming onto the VPN from outside of Canada. If we told them that someone is going outside of Canada ahead of time, then they wouldn't alert us about it. Our internal alerting systems generate 10 times as many false alerts, so they're actually doing pretty well.
We don't have many customers who complain about Arctic Wolf AWN CyberSOC. However, their new licensing model has room for improvement because of the limited user SKU. Many users do not necessarily use telemetry so they should not be charged for it. I would like to see them build the ability to co-sell an EDR platform, manage an EDR or manage the actual response, potentially from the issues that are coming up from the security risks.
They could probably expand on their integration tools. They can integrate with more security tools. They can expand their Linux flavors. I believe they only have Ubuntu and one more flavor.
I think the response time could be improved. It can sometimes take up to an hour to get notification of a problem and that's a long time. We currently report to users directly from our own dashboard. It would be helpful if they'd include a feature that would go directly to reports which would reduce the time between detection and communicating to industry partners.