Skip to main content

Beta Help us improve the Digital Marketplace - send your feedback

XTRAVIRT LIMITED

Active Wolf Managed Security Platform

Arctic Wolf delivers managed security operations as a concierge service, using our Security Operations Cloud built on Open-XDR - covering on-premises and remote workers, public cloud and SaaS environments. Modules include 24x7 Threat Detection and Response, Managed Risk & Vulnerability, Security Awareness education, and Digital Forensics & Incident Response.

Features

  • 24x7 Security Operations Managed Advanced Threat Detection & Response
  • Bring your own security tooling - endpoint, network, public cloud
  • Unlimited log ingestion & processing for security telemetry
  • Log retention - 90 days minimum, 10 years maximum
  • Managed vulnerability management of endpoints/networks, cloud & darkweb
  • Cloud Security Posture Management - AWS, Microsoft Azure, Google Cloud
  • Managed Security Awareness - managed employee security education & testing
  • Incident Response for assistance & recovery during security incidents
  • Concierge Security Team - named practitioners enhancing your Security Journey
  • Security Operations Warranty Up to $1000000 of financial assistance available

Benefits

  • Holistic, broad visibility gained across your installed security toolset
  • Supports on-premises, edge/remote, public clouds
  • Time to production coverage in less than 30 days
  • Includes SIEM, SOAR, Vulnerability mgmt, Security Awareness, Incident Response technologies
  • 24x7 security monitoring, detection & response including unlimited guided remediation
  • Concierge experience named security experts work to improve your posture
  • In-house threat intelligence, AI/ML and detection engineering included
  • Reduced cost, complexity & time to value vs Managed SIEM
  • Align your organisation to NIST CSF & CIS v8.
  • Powerful UI - access data/incidents/reports, vulnerabilities, IR plans & more

Pricing

£8,298 an instance a year

  • Education pricing available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at accounts@xtravirt.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

1 4 5 2 3 6 8 5 3 6 6 2 7 1 9

Contact

XTRAVIRT LIMITED Tash Benford
Telephone: 08004880038
Email: accounts@xtravirt.com

Service scope

Software add-on or extension
No
Cloud deployment model
  • Public cloud
  • Hybrid cloud
Service constraints
No
System requirements
  • Supported Identity & EDR technology installed by customer
  • ArcticWolf endpoint Agent & Network Sensor installed for enhanced monitoring
  • API & Syslog access supported on-prem & public cloud tooling
  • Log sources should be independent to the buying organisation

User support

Email or online ticketing support
Email or online ticketing
Support response times
SLOs offered to customers can be found in the MDR Solutions Terms located at https://arcticwolf.com/terms/. As of date of response, the following SLOs are offered 24x7x365 via ticket platform (email/website ticket):
Emergency outbound - triaged & true positive: 30 minute response after discovery
Non-Emergency outbound: 2 hour response after discovery

Inbound Emergency Call in has an SLO of 5 minute response - 24x7x365
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
Web chat
Web chat support availability
24 hours, 7 days a week
Web chat support accessibility standard
WCAG 2.1 AA or EN 301 549
Web chat accessibility testing
N/A
Onsite support
No
Support levels
Arctic Wolf provides Concierge-focused support to all customers, regardless of size or spend.

Our model includes full onboarding of the solution with our onboarding organisation, comprehensive 24x7 advanced threat detection & response from our customer SOC, propietary threat intelligence & detection and response engineering from Arctic Wolf Labs, and proactive Security Posture Reviews & proprietary microassessments of security enhancements within your organisation from your named Concierge Security Team (CST). Each customer is also aligned to a Customer Success Manager for account management, checkins and healthchecks.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Arctic Wolf offers a white glove installation service with Arctic Wolf Concierge
Onboarding. It streamlines the deployment of the security operations solutions before the service begins.
Every customer is assigned a Concierge Onboarding team that coordinates every step of
the process–from gathering requirements, to portal access,
to testing and validation. This typically takes 30 days before solution acceptance and customisation. This is typically delivered online and remote by Arctic Wolf resources, supported by user documentation available at https://docs.arcticwolf.com
Service documentation
Yes
Documentation formats
HTML
End-of-contract data extraction
At time of or immediately before expiration, Arctic Wolf can support a manual transfer of all retained raw log data using cloud object transfers, specifically Amazon Web Services S3 bucket transfer. The customer will be responsible for the target bucket and associated costs.
End-of-contract process
After the customer has optionally extracted the data, we ensure data is rendered unreadable.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
Application to install
No
Designed for use on mobile devices
No
Service interface
No
User support accessibility
WCAG 2.1 AA or EN 301 549
API
No
Customisation available
No

Scaling

Independence of resources
This is handled by the underlying public cloud our technology platform is architected within. Arctic Wolf is architected to be a multi-tenanted, highly scalable service for thousands of customers. More information available on request.

Analytics

Service usage metrics
Yes
Metrics types
Our UI provides user access metrics, and solution SLO metrics are given as part of quarterly account reviews with the aligned Customer Success Manager
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
Arctic Wolf, Microsoft, Broadcom, VMware, AWS, Runecast, Google, Veeam

Staff security

Staff security clearance
Other security clearance
Government security clearance
None

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • European Economic Area (EEA)
  • Other locations
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
Other
Other data at rest protection approach
AWS Data Center Physical Controls (inherited), AWS Data Encyption (configured), Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Customers are able to export data in a variety of ways - extracting raw log/vulnerability data via CSV, producing high-level and low-level reports via PDF, or generating presentation material for customer use.
Data export formats
  • CSV
  • Other
Other data export formats
PDF Reports
Data import formats
Other
Other data import formats
  • Syslog
  • API

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
At this time and as a standard operating practice, we do not include availability SLOs in our solutions agreement.
Approach to resilience
Handled by the underlying cloud provider. More information available on request.
Outage reporting
Email alerts

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Dedicated link (for example VPN)
Access restrictions in management interfaces and support channels
Management interfaces are limited to AW personnel. Support Requests can only be placed by personnel authorized by the customer.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Dedicated link (for example VPN)

Audit information for users

Access to user activity audit information
No audit information available
Access to supplier activity audit information
No audit information available
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
Tbc
ISO/IEC 27001 accreditation date
Tbc
What the ISO/IEC 27001 doesn’t cover
Incident Response and Cyber Jumpstart modules as well as any sub-processor/third party data center facilities/platforms are not covered
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
No
Cyber essentials plus
No
Other security certifications
Yes
Any other security certifications
SOC 2 with mappings to HITRUST CSF Type 2

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
Other
Other security governance standards
SOC2 Type II and ISO/IEC 27001
Information security policies and processes
Arctic Wolf maintains Information Security Policies, Standards and Procedures as part of our Information Security Management System (ISMS). which is implemented based on AICPA's Trust Services Principles and ISO 27001/27002 as well other leading industry frameworks.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
Application and infrastructure related changes follow an established change management process.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Regular Vulnerability Assesments by internal and external parties and Annual Penetration Test by an independent third party. Findings are addressed in line with AW security policies and standards
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Arctic Wolf Managed Detection and Response services are used.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Arctic Wolf maintains an Information Security Incident Response plan. All Security Incidents follow the defined incident response process in the plan

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Social Value

Social Value

Social Value

  • Fighting climate change
  • Equal opportunity
  • Wellbeing

Fighting climate change

Arctic Wolf Networks, Inc., a global leader in cybersecurity, is dedicated to its mission to “End Cyber Risk”. As the company works relentlessly toward this goal for our customers, we are equally committed to conducting business responsibly and purposefully - operating our business in accordance with industry-accepted standards and applicable laws and regulations. We focus our efforts to do our part in minimizing our overall environmental impact, educate and empower our employees, provide free cybersecurity awareness training and resources to help our communities stay safe in an everchanging threat landscape through the Pack Gives Back, encourage employee volunteerism, foster diversity, equity and inclusion, and establish sustainability targets that will keep us
accountable to our goals and strive for continual improvement.

Equal opportunity

We are committed to fostering a diverse, equitable and inclusive workplace where all members of our Pack feel safe and have a sense of belonging. We believe that cultivating diverse and inclusive teams with different perspectives helps us examine ideas from multiple angles, generate competitive business insights, and ultimately make better decisions. Learn more about our Diversity, Equity, Inclusion & Belonging Initiatives. https://arcticwolf.com/company/careers/diversity-equity-inclusion-and-belonging/

Wellbeing

The wellbeing of every pack member is critical to our success. When we’re strong individually, we’re stronger together, and unstoppable as we seek to grow, advance the industry, and carry out our mission to End Cyber Risk.

We want our employees to advance their career and our mission while feeling mentally clear, physically energetic, and connected to the things and people they care about most. Our goal is to encourage a work environment where wellbeing is the foundation that propels our employees forward, not something that has to be sacrificed for them to be successful.

Arctic Wolf offer focus areas, benefits and tools that focus on Professional enhancements, as well as physical, mental, financial and emotional wellbeing.

Pricing

Price
£8,298 an instance a year
Discount for educational organisations
Yes
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at accounts@xtravirt.com. Tell them what format you need. It will help if you say what assistive technology you use.