Arctic Wolf Expands Aurora Platform with Greater Control Over Security Data & Processes

Arctic Wolf has announced new enhancements to its Aurora Platform, giving customers enhanced ability to interact with their SOC data and operations, greater visibility into their existing tech stack, and deeper customization across their security workflows. These updates come as security teams increasingly face the cost and complexity of managing a SIEM, which often creates more problems than it solves. With these enhancements, Arctic Wolf customers gain greater flexibility in how they access and interact with their security data, whether through on-demand self-service features or expert-guided support from their dedicated Concierge Security Team.
Traditional SIEM solutions have become a burden for many organizations, especially in hybrid and cloud-first environments. Long deployment timelines, constant upkeep, false positives, and high alert volumes make it difficult for teams to extract meaningful value. SIEMs also require specialized staffing and manual tuning, which is especially challenging in today's talent-constrained market even for well-resourced organizations. With most SIEM solutions, the burden falls on security teams to learn and operate the tool themselves. In contrast, Arctic Wolf delivers visibility and outcomes through a single unified platform and AI-powered SOC, offering intuitive tools and a Concierge Experience that serve as a SIEM alternative to help customers answer their most pressing security questions without added complexity, enabling them to operate with the agility and flexibility required to stay ahead of an increasingly fast-moving and sophisticated threat landscape.
With this release, Arctic Wolf introduces advanced new self-service capabilities in its Data Explorer module, enabling security teams to create custom detections aligned to their specific operational and compliance needs. These updates provide a more intuitive way to investigate threats and answer high-priority security questions without having to master a complex tool or invest in constant rule tuning.
New and enhanced capabilities in Arctic Wolf Data Explorer include:
  • Simplifying Custom Detections: Quickly build custom detection rules and alerts that are tailored to an organization's unique environment, without the need for SIEM tuning or custom rule sets.
  • Advancing Search Capabilities for Security Teams: Run flexible, intuitive queries to validate alerts and drill into the context behind suspicious activity, without requiring complex syntax.
  • Enabling Advanced Queries Across Historical Data: Investigate across long-term security data to uncover patterns, confirm alert details, or trace threats over time.
'Security teams shouldn't need to fight with their SIEM to get fast answers to important questions,' said Chris Kraft, Chief Product Officer, Arctic Wolf. 'With Data Explorer, we're enabling fast, intuitive access to critical insights, backed by the scale and intelligence of the Aurora Platform. These new enhancements give users more flexibility and control than ever before, allowing them to create custom detections, run targeted investigations, and drive better security outcomes. Unlike legacy tools that are complex to maintain and slow to deliver value, Data Explorer empowers teams to act quickly and confidently.'

Related Articles

Arctic Wolf And Databricks Integrate To Scale AI-Driven SOC

Channel Post MEA

6 days ago

Arctic Wolf has announced a partnership with Databricks, the data and AI company, to further scale and support the rapid growth of the Arctic Wolf Aurora Platform. By integrating the Databricks Data Intelligence Platform into the Aurora Platform data pipeline, Arctic Wolf is enhancing its ability to process massive volumes of security telemetry in real time and deliver fast scalable security outcomes across its global customer base. Modern security operations are fundamentally a data challenge. As organizations adopt more security tools and cloud applications, security teams face an exponential increase in telemetry across all attack surfaces. The volume, diversity, and speed of this data make it difficult to detect threats, respond quickly, and reduce risk with confidence. Without a platform designed to operate at this scale, even well-resourced teams can become overwhelmed and miss critical attacks. Arctic Wolf is addressing this challenge by building one of the most scalable, open, and high-performing platforms in cybersecurity. The Aurora Platform ingests and processes more than eight trillion security observations each week and over 300 petabytes of data annually. With the Databricks Data Intelligence Platform now deeply integrated in its foundation, Arctic Wolf can accelerate how it unifies telemetry from endpoints, cloud applications, identity systems, firewalls, and other data sources into a single, high-throughput environment. This deep integration between the two companies' technologies will fuel the rapid evolution of the Aurora Platform and enable Arctic Wolf's AI-powered Security Operations Center to deliver enhanced threat detection and response to its rapidly growing global customer community of more than 10,000 customers worldwide. This data-driven foundation also amplifies the power of Alpha AI, Arctic Wolf's industry-leading portfolio of predictive and generative AI technologies purpose-built for security operations. 
Informed by over 10 million hours of real-world human SOC experience, compounded over the last decade, and continuously improved using one of the industry's largest and most diverse sets of security telemetry, Alpha AI reduces alert fatigue, accelerates investigation workflows, and ensures customers can prioritize the threats most relevant to their environments. 'Modern cybersecurity is a data scale problem. The volume, variety, and velocity of telemetry demand a platform that can turn complexity and noise into clear outcomes,' said Dan Schiappa, President, Technology and Services, Arctic Wolf. 'Partnering with Databricks gives us the scalable foundation to action one of the industry's most diverse security datasets for faster and better threat protection for our customers. It enables us to grow the Aurora Platform, expand our AI-powered SOC, and deliver faster, more reliable protection for our customers.' 'Running security operations at scale demands a data architecture optimized for performance, agility, and real-time insights. Arctic Wolf is a leader in this space, having pioneered a unified approach to security operations through a single, integrated platform,' said Omar Khawaja, Databricks Field CISO, VP Security. 'By integrating the Databricks Data Intelligence Platform with Arctic Wolf's Aurora Platform, we're enabling them to fully harness the power of their security telemetry, driving faster, smarter decisions across one of the world's largest commercial Security Operations Centers.' By leveraging the Databricks Data Intelligence Platform's secure lakehouse architecture, Arctic Wolf ensures that all security telemetry is unified, governed, and protected with enterprise-grade security controls and compliance certifications. This foundation not only accelerates real-time threat detection and response but also empowers Arctic Wolf to continuously innovate with open, extensible integrations and advanced AI-driven analytics. 
The partnership enables Arctic Wolf to deliver on its mission to end cyber risk, providing customers with the confidence that their data is protected and their security operations are future-ready.

Australia's Qantas says 6mln customer accounts accessed in cyber hack

Zawya

02-07-2025

A cyber hacker broke into a database containing the personal information of millions of customers, Qantas said, in Australia's biggest breach in years and a setback for an airline rebuilding trust after a reputational crisis. The hacker targeted a call centre and gained access to a third-party customer service platform containing six million names, email addresses, phone numbers, birth dates and frequent flyer numbers, Qantas said in a statement on Wednesday. The airline did not specify the location of the call centre or customers whose information was compromised. It said it learnt of the breach after detecting unusual activity on the platform and acted immediately to contain it. "We are continuing to investigate the proportion of the data that has been stolen, though we expect it will be significant," Qantas said, reporting no impact on operations or safety. Last week, the U.S. Federal Bureau of Investigation said cybercrime group Scattered Spider was targeting airlines and that Hawaiian Airlines and Canada's WestJet had already reported breaches. Qantas did not name any group. "What makes this trend particularly alarming is its scale and coordination, with fresh reports that Qantas is the latest victim" of a hack, said Mark Thomas, Australia director of security services for cyber security firm Arctic Wolf. Scattered Spider hackers are known to impersonate a company's tech staff to gain employee passwords and "it is plausible they are executing a similar playbook", Thomas said. Charles Carmakal, chief technology officer of Alphabet-owned cybersecurity firm Mandiant, said it was too soon to say if Scattered Spider was responsible but "global airline organisations should be on high alert of social engineering attacks". Qantas' share price was down 2.4% in afternoon trading against an overall market that was up 0.8%. 
UNWELCOME ATTENTION

The breach is Australia's most high-profile since those of telecommunications network operator Optus and health insurance leader Medibank in 2022 prompted cyber resilience laws including mandatory reporting of compliance and incidents. It brings unwelcome attention to Qantas which is trying to win public trust after actions during and after the COVID-19 pandemic saw it plunge on airline and brand league tables. Qantas was found to have illegally sacked thousands of ground workers during the 2020 border closure while collecting government stimulus payments. It also admitted selling thousands of tickets for already-cancelled flights. The airline drew the ire of opposition politicians who said it lobbied the federal government in 2022 to refuse a request from Qatar Airways to sell more flights. Qantas denied pressuring the government which eventually refused the request - a move the consumer regulator said hurt price competition. Qantas CEO Vanessa Hudson has improved the airline's public standing since taking office in 2023, reputation measures showed. "We recognise the uncertainty this will cause," Hudson said of the data breach. "Our customers trust us with their personal information and we take that responsibility seriously." Qantas said it notified the Australian Cyber Security Centre, the Office of the Australian Information Commissioner and the Australian Federal Police. ACSC declined to comment and AFP said only that it was aware of the incident. The OAIC was not immediately available for comment. The airline said the hacker did not access frequent flyer accounts or customer passwords, PIN numbers or log in details. (Reporting by Shivangi Lahiri in Bengaluru and Byron Kaye in Sydney; Editing by Rashmi Aich and Christopher Cushing)
