FAQ
MANAGED RISK
GENERAL
What is Managed Risk?
How is the Managed Risk solution different from Managed Detection and Response?
What's the difference between external scans performed by the Managed Detection and Response (MDR) solution and ones performed by Managed Risk?
Does the Arctic Wolf Agent have to be installed in order to use Managed Risk?
Currently, installing the Agent is not a requirement — though it is recommended, as audit and alert data collected from supported devices assists in detecting potential threats, as well as uncovering known vulnerabilities and risks. The Agent is, however, required to be installed to address additional use cases, such as host-based vulnerability assessment and CIS benchmarking in Managed Risk, and managed containment — where a host device is required to be contained — in MDR.
How is the Arctic Wolf Agent deployed?
The Arctic Wolf Agent can be deployed using a deployment tool such as General Policy Object (GPO) for Windows environments, or Jamf for MacOS environments. Since the installer generates a unique ID upon startup, it is not recommended or supported to install the agent on a “golden image” in Virtual Desktop Infrastructure (VDI) environments.
How does an existing customer install the Arctic Wolf Agent?
Existing Arctic Wolf Customers should submit a ticket to their Concierge Security® Team (CST), who works directly with them to deploy the Arctic Wolf Agent in their environment. Existing customers can also contact their Customer Success Manager, which will trigger the same workflow of submitting a ticket to install the Arctic Wolf Agent with the CST.
DISCOVER
How often is the Account Takeover capability updated with new information about dark web exposures?
The Account Takeover capability is updated with new information obtained from dark and grey web sources weekly. These scans are completed on a monthly cadence to capture any corporate credentials or other critical personally identifiable information (PII) that may have been exposed as part of a publicly disclosed data breach.
Can I use Managed Risk to scan vulnerabilities in my IaaS cloud environment (Amazon, Azure, Google, etc.)?
Yes, when combined with Arctic Wolf Cloud Detection and Response (CDR), Managed Risk features an additional Cloud Security Posture Management (CSPM) product that can scan for vulnerabilities and misconfigurations in SaaS and IaaS environments inside AWS, GCP and Azure.
ASSESS
How is the criticality of a vulnerability determined?
For CVEs and those with known exploits, the criticality of vulnerabilities is obtained based on available CVSS information. For other risks that are not pure CVEs, we rely on the OpenVAS/Greenbone Commercial Feed. This feed is updated 4 times daily, and Arctic Wolf polls for new NVTs on an hourly basis.
How is the criticality of the asset determined?
Managed Risk has a proactive way of engaging with its customers with the Concierge Security delivery model. Our Concierge Security Team (CST) examines your environment and provides you with a list of assets which are already deduplicated and assign asset criticalities for you to quickly review. We also review your environment characteristics and requirements.
How is the overall customer risk score calculated?
HARDEN
How does Arctic Wolf proactively mitigate digital risks?
Built on the Arctic Wolf Platform and delivered by security operations experts, Arctic Wolf Managed Risk is designed to help you discover, assess, and harden your environment against a greater number of digital risks beyond vulnerabilities. The Managed Risk solution produces easy-to-understand risk scores delivered through insightful dashboards and reports provided by your Concierge Security Team (CST). Your CST works directly with you to add context to identified risks, deliver insight on configuration gaps and account takeover (ATO) exposure, and provide strategic guidance so you gain clarity on what you should do next to proactively mitigate risk.
How does my Concierge Security team help if an issue is found?
- Customize service to your needs
- Continuously scan your environment for digital risks
- Perform monthly risk posture reviews
- Provide actionable remediation guidance
- Deliver a customized risk management plan to prioritize remediation and measure progress