SOC-as-a-service vendor Arctic Wolf has introduced a host isolation service designed to prevent attacks that have successfully breached a target’s perimeter from spreading across the network and exfiltrating data.
The new “managed containment” offering, which is available immediately, is an addition to the vendor’s Managed Detection and Response (MDR) service. Users can purchase MDR, in turn, either as a standalone subscription or in conjunction with Arctic Wolf’s Managed Risk solution.
“Businesses are embracing SOC-as-a-service offerings such as threat monitoring and detection, but also want to be able to quickly contain these threats before they spread and do broader damage to the IT environment,” said Arctic Wolf CEO Brian NeSmith in prepared remarks. “This announcement augments our current MDR offering by adding managed containment to isolate threats that could otherwise cause significant loss or system down time.”
The new service sends automatic push notifications to operators of compromised endpoints notifying them that their device has been contained, and updates them when containment has been lifted as well. Monthly reporting lets MSPs and their customers see what containment actions Arctic Wolf has taken on their behalf.
Arctic Wolf’s MDR offering is a 24/7 monitoring service backed by an in-house team of security experts that’s designed to protect both local and cloud-based resources from malicious activity. Delivered at a flat monthly fee with unlimited data collection and event volumes, the solution includes network traffic inspection and log analysis. Earlier this week, Google announced that the service will be available for Google Cloud users.
Introduced in June, Managed Risk is a vulnerability scanning and endpoint analytics service that automatically discovers and profiles assets, and then searches for threats both within corporate networks and in internet-facing systems.
IDC expects businesses worldwide to spend over $21 billion this year on SOC-as-a-service and other managed security offerings.