Eden Prairie, MN, USA
2012
  |  By Arctic Wolf
AI’s latest wave is reshaping cybersecurity in a fundamental way. Capabilities that once were limited to a handful of frontier models are now widely accessible, cheaper, and embedded across more environments. As access expands, risk is growing fast and scaling even faster.
  |  By Arctic Wolf Labs
Arctic Wolf Internal Security Operations (SecOps) recently identified a GitHub page impersonating Arctic Wolf to target our customers and prospects. The SecOps team immediately escalated these findings to our Threat Research team, who uncovered a complex attack chain subsequently deploying information-stealing malware. Arctic Wolf has since removed this fake GitHub page.
  |  By Arctic Wolf Labs
A suite of severe vulnerabilities has been disclosed in libssh2 (an SSH client library widely embedded in software such as curl, Git GUI clients, PHP, backup tools, and many IoT/embedded devices). The most critical, CVE-2026-55200 (CVSS 9.2/9.8), is a memory corruption bug in libssh2’s ssh2_transport_read() triggered by a malicious SSH server pre-authentication via a crafted packet_length.
  |  By Arctic Wolf Labs
CVE-2026-48558 is a critical authentication bypass vulnerability in SimpleHelp Remote Monitoring and Management (RMM) software, caused by improper validation of OpenID Connect (OIDC) token signatures. When OIDC is configured with group-authenticated login settings, unauthenticated attackers can forge identity tokens to bypass multi-factor authentication and gain privileged technician-level access to vulnerable SimpleHelp servers — without valid credentials.
  |  By Arctic Wolf Labs
Throughout 2026, Arctic Wolf has investigated multiple Anubis ransomware intrusions. Although threat actor tradecraft differs between intrusions, key themes have emerged: abuse of VPN infrastructure, blending in with legitimate activity through the use of Remote Monitoring and Management (RMM) solutions, and using other legitimate binaries on victim devices.
  |  By Will Briggs
At the recent AWS Summits in New York and Toronto, Arctic Wolf was present to hear AWS introduce a set of security capabilities built to run continuously and act at machine speed. New approaches to vulnerability management, deeper integration of security into development workflows, and expanded context through knowledge mapping all point in the same direction: Security operations are becoming persistent, automated, and increasingly driven by AI.
  |  By Arctic Wolf
Mobile devices have become one of the most dynamic, and most exposed, parts of the modern attack surface. They access sensitive data, connect to untrusted networks, and rely heavily on third-party applications. Yet in many organizations, mobile security still lags behind traditional endpoint protection. Mobile device management (MDM) solutions help enforce configuration and compliance, but they were never designed to detect and respond to modern threats.
  |  By Arctic Wolf
Endpoint attacks rarely appear in a single alert. Instead, they surface as a sequence of signals that require rapid investigation and response. For many teams, the challenge is not detection. It is having the time and expertise to investigate, validate, and then act. Arctic Wolf Aurora Managed Endpoint Defense addresses this by combining endpoint detection and response with expert Arctic Wolf analysts who take on the operational burden.
  |  By Arctic Wolf
Security operations teams are facing a familiar, but growing, challenge. As threat actors leverage AI and automation to move faster, alerts continue to expand in volume and complexity. Even mature security teams struggle to keep up with investigation timelines, maintain institutional knowledge, and ensure consistent response quality. At the same time, buyers are demanding more from their security platforms. They want solutions that go beyond detection.
  |  By Arctic Wolf Labs
FortiBleed is a large-scale credential compromise campaign that targets internet-facing Fortinet FortiGate firewalls and SSL VPN gateways. The campaign does not depend on a malware payload; instead, it uses a credential pipeline that utilizes credential stuffing, password spraying, configuration harvesting, offline cracking, and post-authentication capture processing.
  |  By Arctic Wolf Networks
This month, we sit down with Trisha Farrow, our Senior Vice President of People and Facilities. In this episode, Trisha Farrow shares the heart behind her leadership—why human connection, courage, and curiosity matter more than ever in a fast-changing world. From building inclusive cultures to navigating AI in HR, she offers a powerful perspective on what it really means to lead people, not just processes.
  |  By Arctic Wolf Networks
This video will demonstrate how Arctic Wolf's Aurora Threat Intelligence enables customers to defend to against new and emerging threats through engaging content, actionable intelligence, IoC lists and automated feeds.
  |  By Arctic Wolf Networks
In this demo, Aurora Managed Endpoint Defense shows how human expertise and EDR work together to rapidly detect, investigate, and respond to threats; giving customers stronger protection, faster results, and improved security posture.
  |  By Arctic Wolf Networks
In this demo, Aurora Managed Endpoint Defense shows how human expertise and EDR work together to rapidly detect, investigate, and respond to threats; giving customers stronger protection, faster results, and improved security posture.
  |  By Arctic Wolf Networks
In this demo, we will see how Aurora Vulnerability Management helps organizations discover and categorize assets, prioritize risks, and take action to remediate and patch vulnerabilities.
  |  By Arctic Wolf Networks
How Arctic Wolf Aurora Mobile Threat Defense secures the full mobile attack surface—devices, apps, networks, phishing, and privacy—in one unified platform. This demo highlights real‑time visibility, actionable insights, and automated response to reduce mobile risk.
  |  By Arctic Wolf Networks
Powering modern security operations with AI is no longer optional. It’s essential. The Aurora Superintelligence Platform is built for the AI era, combining specialized AI agents, real-world security data, and human expertise to deliver outcomes security teams can trust. At its core, the Swarm of Experts, Security Operations Graph, and AI Trust Engine work together to drive faster detection, more accurate investigations, and more decisive response across the attack surface.
  |  By Arctic Wolf Networks
In this demo, we will look at three different use cases for the Aurora Security Assistant including general security knowledge, deeper ticket context and quick answers around self-service and product documentation.
  |  By Arctic Wolf Networks
See how Arctic Wolf Aurora Vulnerability Management turns risk visibility into remediation through seamless integrations with partners like ServiceNow and ConnectWise. This demo shows how automated ticketing, unified workflows, and prioritized findings help security and IT teams accelerate remediation without added workload.
  |  By Arctic Wolf Networks
This month, we sit down with Will May, our new Chief Revenue Officer. Take a listen to get to know Will, his leadership philosophy, how he's using AI in his every day, and so much more! Will brings more than 15 years of go-to-market leadership experience across high-growth software, cybersecurity, and cloud technology companies. He has built a strong reputation for helping organizations adopt innovative technologies—including AI-driven platforms—to improve operational efficiency, reduce complexity, and deliver measurable business value.
  |  By Arctic Wolf
Security information and event management (SIEM), security orchestration, automation, and response (SOAR), and the newer extended detection and response (XDR) solutions have become the top choices for organizations wanting a unified view of activity within their IT environments. By combining relevant data into single consoles, XDR, SIEM and SOAR technologies minimize the time analysts spend moving between platforms and make it easier to correlate the data and develop subsequent steps appropriately.
  |  By Arctic Wolf
The Health Insurance Portability and Accountability Act (HIPAA) Security Rule focuses on the safeguarding of electronic protected health information (ePHI) through the implementation of administrative, physical, and technical safeguards.
  |  By Arctic Wolf
Financial institutions, particularly regional banks and credit unions, are facing challenges both in terms of safeguarding data of their customers and meeting data security compliance standards. Information technology (IT) teams in these institutions are stretched thin. They struggle with needing to meet compliance obligations while simultaneously combatting cyberthreats.

Cybersecurity is a field that requires 24x7 vigilance and constant adaptation. Arctic Wolf’s cloud native platform and Concierge Security® Team delivers uniquely effective solutions.

The cybersecurity industry has an effectiveness problem. New technologies, vendors, and solutions emerge every year—yet, we still see headlines filled with high-profile breaches. Many attacks occur – not because a product failed to raise an alert – they fail because the alert was missed or was not actioned on. To prevent these attacks, the industry needs to adopt a new approach by focusing on security operations. That’s where Arctic Wolf can help.

Arctic Wolf® Platform

Spanning thousands of installations, the Arctic Wolf® Platform processes over 200 billion security events daily. The platform collects and enriches endpoint, network, and cloud telemetry, and then analyzes it with multiple detection engines. Machine learning and custom detection rules then deliver personalized protection for your organization.

While other products have limited visibility, the vendor-neutral Arctic Wolf® Platform enables broad visibility and works seamlessly with existing technology stacks, making it easy to adopt while eliminating blind spots and vendor lock-in.

Concierge Security® Team

Arctic Wolf invented the concept of Concierge Security®. With this delivery model, we pair a team of our security operations experts directly with your IT or security staff. Your Concierge Security® Team gives you 24×7 eyes-on-glass coverage. We work with your team on an ongoing basis to learn your security needs so that they can tune solutions for maximum effectiveness and ensure that your security posture gets stronger over time.

The Concierge Security® Team combines deep security operations expertise with an understanding of your environment to deliver better outcomes. We take on tactical actions like threat hunting and alert prioritization, and strategic tasks like security posture reviews and risk management.