Arctic Wolf enhances identity protection with new ITDR capabilities

Identity proofing and authentication remain critical concerns for businesses and consumers in Australia, especially as the country inches closer to implementing an economy-wide Digital ID system. Identity infrastructure has become a frequent target for cybercriminals, with techniques such as phishing topping the list of reported cybercrimes.

Arctic Wolf, a firm specialising in security operations, has announced it has enhanced its Managed Detection and Response (MDR) platform with new identity threat detection and response (ITDR) capabilities. The company's updates include new integrations with Microsoft Defender for Identity and Okta, aiming to provide businesses with improved mechanisms to contain and mitigate identity-related threats.

The company emphasised the urgency of addressing identity risks at scale, noting the growing trends of account compromise tactics like credential stuffing. Arctic Wolf stated that in 2023, 39% of the incidents investigated by its Incident Response team were initiated via external remote access using compromised, legitimate credentials. This statistic underscores the importance of ITDR capabilities as integral components of security operations.

Gartner Research has noted that ITDR is becoming a focus for security operations centres, as Identity and Access Management (IAM) teams struggle to adopt new tools to enhance detection of identity misuse.

Key updates to the Arctic Wolf Platform include:

Active Response for Identity: This new feature enables immediate actions against threats in identity infrastructure. It allows for the swift disabling of impacted user accounts, revoking access to sensitive information or systems, thereby reducing organisational risk.

Microsoft Defender for Identity Integration: Integration with Microsoft Defender for Identity aims to safeguard user identities and decrease attack surfaces. This integration provides increased visibility into identity infrastructure, facilitating earlier detection of identity-based attacks such as Business Email Compromise (BEC).

Okta Impossible Travel Detection: Enhanced detection abilities with Okta will extend cross-attack surface coverage. The new functionalities focus on identifying compromised accounts through indicators of compromise (IOC) based on velocity alerts from Okta.

Dan Schiappa, Chief Product and Service Officer at Arctic Wolf, said, "As adversaries increase the use of identity-based attacks, the ability to integrate robust ITDR capabilities into security operations is critical in building business resilience. Containment and mitigation extends beyond the endpoint alone." He added that effective cybersecurity hinges on detecting and remediating threats as quickly as possible. The new capabilities are designed to narrow the detection gap and minimise impact by thoroughly restricting adversarial account access.

Arctic Wolf operates a cloud-native, AI-driven platform that serves organisations of nearly any size. With numerous security and technology integrations available, the Arctic Wolf Security Operations Cloud processes over 5.5 trillion security events weekly from a global customer base of more than 5,700 clients.