Arctic Wolf expands Aurora with new security tech integrations

Arctic Wolf has introduced new integrations for its Aurora Platform, aiming to improve the adaptability and compatibility of its security operations with major enterprise technologies.

The company's latest enhancements extend the Aurora Platform's support to Microsoft, Oracle, OneLogin, and CyberArk solutions. According to Arctic Wolf, these changes are designed to enable customers to create and configure security technology stacks according to their organisational needs.

Integration focus

Current security operations teams encounter an increasing volume of alerts and data from numerous disconnected tools, a challenge that has been exacerbated by rapid AI adoption. These developments introduce new attack surfaces, contributing to operational inefficiency and so-called alert fatigue, while complicating the identification of significant threats.

Organisational growth often results in the proliferation of disparate endpoint and cloud services, which raises the difficulty of consolidating and analysing security telemetry. Complications in these areas can delay incident response and lead to incomplete threat coverage.

Unified approach

Arctic Wolf's Aurora Platform addresses these issues through what it describes as an open XDR (extended detection and response) architecture. This design enables the unification of diverse telemetry sources into a single system, allowing security teams to monitor multiple threat surfaces with end-to-end visibility. The company reports that its platform currently supports more than 200 technology integrations, aiming to reduce data silos and streamline operations for enterprise security teams.

Artificial intelligence, via Alpha AI, underpins the platform's ability to correlate large volumes of events and prioritise those that have potentially high impact. AI-driven enrichment processes are used before events reach the Security Operations Centre, where human analysts undertake triage and response activities.

The company claims this combination of AI automation and human expertise assists in distinguishing real threats from background noise and improves the speed of detection.

The newly introduced integrations expand Aurora's functionality to include:

• Microsoft Defender XDR – for unified detection, investigation, and response across endpoints, identities, email, and cloud-based applications
• Oracle Cloud Guard – a native cloud tool aimed at identifying and resolving misconfigurations and risky activities in Oracle Cloud Infrastructure
• OneLogin – an identity platform for rapid threat detection and response relating to user authentication
• CyberArk Privileged Access Manager – providing secure management of privileged credentials with encryption, authentication, and access control within Privileged Threat Analytics

Openness isn't just a feature of the Aurora Platform – it's the foundation that allows us to deliver superior outcomes and offer customer choice," said Dan Schiappa, president of technology and services, Arctic Wolf. "By supporting a wide range of technologies and enabling rapid integration as customer environments evolve, we help organisations make security work in the real world – on their terms, with their tools, and without compromise."

Commitment to choice

Arctic Wolf states that its focus on openness and interoperability extends to endpoint protection. The Aurora Platform supports a range of third-party endpoint solutions, in addition to Arctic Wolf's own Aurora Endpoint Security. The integration with Microsoft Defender XDR, in particular, is cited as reinforcing this approach and supporting mixed-vendor environments.

According to the company, ongoing development of the Aurora Platform is aimed at helping organisations to simplify their operations while maintaining a strong defensive posture against cyber threats.