Arctic Wolf Product Updates

Learn about new features, updates, and enhancements for Arctic Wolf® products.

April 21, 2026

Unified Portal
  • Added a new Subscriptions page in the Unified Portal. Customers can view all active licenses and subscriptions for their organization in one place, with the option to expand for more details. Support tickets can be submitted directly from the page if there are questions or issues related to a license or subscription.

    For more information, see View subscriptions.

Managed Risk | Unified Portal
  • Added a new algorithm for the Risk Exposure Score. You can switch between the new algorithm and the legacy algorithm.

    For more information, see Risk Exposure Score calculation and View your Risk Exposure Score.

  • Added the Manufacturer field to the Asset Details tab of the Asset Profile page, which provides you with the manufacturer of the device for easier identification and tracking.

    For more information, see Assets table.

  • Added widgets to the Asset page that provide real-time visualization of asset data to make asset management more intuitive and effective.

    For more information, see View asset widgets.

  • Added synchronization of devices with active directory to enhance your device content. These devices have a Source of Active Directory, so that you can distinguish them from other sources.

    For more information, see Assets table.

  • Improved External Vulnerability Assessment (EVA) reports, so they retrieve data from the Unified Portal in addition to the legacy Risk Dashboard. To enable this feature, contact your Concierge Security® Team (CST).

    For more information, see View report history and Unified Portal and Risk Dashboard feature differences.

  • Improved how Managed Risk handles sensitive credentials identified during Internal Vulnerability Assessment (IVA) brute‑force scanning. On the Risk Details page, on the Risk Evidence tab, instead of showing credential data, the portal now displays a generic message stating that the credential data is redacted to protect your organization. We recommend that you review and rotate the affected service credentials as an additional safeguard. If necessary, contact your Concierge Security® Team (CST) for assistance.
  • Removed the need to manually refresh an Asset page. Now, the page automatically refreshes when changes are made. If multiple users edit an asset at the same time, a message displays to state that there are new updates available with an option to refresh the page to see the latest data.
MDR | Unified Portal
  • Launched the Ticket API for generic two-way pull IT service management (ITSM) integration, allowing you to synchronize your ticketing system with the Arctic Wolf ticketing system.

    For more information, see Arctic Wolf Ticket API.

MDR | Active Response
MDR | Active Response, Cloud Detection and Response (CDR), Endpoint Detection and Response (EDR), Syslog forwarding
MDR | Cloud Detection and Response (CDR)

April 9, 2026

MDR | Cloud Detection and Response (CDR)

March 26, 2026

Managed Service Provider (MSP) Portal

  • Added the ability for MSPs to generate monthly per customer and MSP aggregate Executive Ticket Summary reports directly from the MSP Portal as well as the ability to generate daily ticket priority insights.

    For more information, see Generate customer reports.

March 24, 2026

Unified Portal

  • Added the onboarding experience functionality in the Unified Portal. Users can now complete onboarding tasks from the Organization Overview page, such as adding information about the organization's users, sites, and sensors.

    For more information, see

    Manage onboarding and setup tasks.

March 17, 2026

MDR | Cloud Detection and Response (CDR)
Unified Portal
  • Added the option to receive notifications through the Unified Portal, in the Notifications menu. Notifications remain for 30 days and can be customized using the Notification Preferences page.

    For more information, see Configure notification preferences.

February 23, 2026

Managed Risk | Unified Portal

  • Added the ability to rescan up to 200 assets on the Impacted Assets page.

    For more information, see Rescan an asset.

February 18, 2026

Managed Risk | Unified Portal

  • Added the new Risk Remediation Trends widget, which allows you to view the results of your remediation efforts over a specific time range and compare it with incoming risks.

    For more information, see View your risk metrics.

February 17, 2026

MDR | Unified Portal
  • Improved Aurora Security Assistant to answer questions about Arctic Wolf products and services based on the public Arctic Wolf Help Documentation.

    For more information, see Aurora Security Assistant.

MSP Portal | Unified Portal

February 4, 2026

Managed Risk | Unified Portal

  • Added the ability to view risks grouped by suggested remediation, for example, the software version to upgrade to or configuration change to apply to resolve risks. Each remediation identifies the number of assets impacted and total number of risks that will be fixed if the remediation is applied. You can export the remediation data into a CSV file, so that you can process, share, or import it into another system

    For more information, see Risks table, Risk filters, Export remediation data, and View assets impacted by remediation.

February 3, 2026

Aurora Endpoint Security | Aurora Protect, Aurora Focus

  • The end of technical support dates for the Aurora Protect 3.2 and Aurora Focus 3.2 agents have been extended to May 19, 2026. This allows for more time to upgrade from these versions and make sure devices remain protected. For more information, see the Aurora Protect and Aurora Focus software lifecycles.

January 28, 2026

Managed Risk, MDR | Unified Portal
  • You can now schedule sensor and scanner updates in the Unified Portal.

    For more information, see Sensor upgrades.

January 27, 2026

Aurora Endpoint Security, Incident Readiness and Response, MA, Managed Risk, MDR | Unified Portal

  • Added visual representations of your Cyber Resilience Index to reports generated for the Cyber Resilience Assessment.

  • Added the option to include comments when you generate a report for the Cyber Resilience Assessment.

    For more information, see Download a Cyber Resilience Assessment report.

Incident Readiness and Response | Unified Portal
  • You can now access the Incident Response (IR) Planner directly in the Unified Portal. For more information, see Incident Response Planner.
Managed Risk | Unified Portal

  • Added the ability to integrate your ITSM solution with the Unified Portal, which allows you to create tickets for risks and track risk remediation.

    For more information, see Integrate your ITSM solution with the Unified Portal, Create an ITSM ticket for the risks in your organization, Risks table, and View risk details.

  • Added two new widgets for metrics about the risks in your environment. The Top Risks by Asset Category widget allows you to view the number of risks your environment has in the top eight risk categories, with the most critical risks listed first, followed by high, medium, and then low. The Latest Security Bulletins widget lists the five most recent Arctic Wolf Research team Security Bulletins about Common Vulnerabilities and Exposures (CVEs) that are present in your environment. This helps you to improve your understanding of which assets are impacted by the CVEs and prioritize remediation efforts.

    For more information, see View your risk metrics.

  • Added saved filters to the Risks page. You can now view, save, edit, apply, and delete custom filter sets. This makes it easier for you to view data with filters applied that you regularly use, and saves you time with administrative tasks.

    For more information, see Risk filters.

  • Added the ability to rescan an asset outside of a scan schedule. This allows you to verify changes made to an asset without waiting for the next scan window to complete.

    For more information, see Rescan an asset.

Managed Security Awareness® (MA)

  • Added the the ability for Managed Security Awareness (MA) Plus customers to customize phishing simulation emails. Administrators can customize the phishing simulation emails by creating their own template or duplicating and then modifying an existing Managed Program template.

    For more information, see Customize Phishing Simulation Email Template Content.

  • Added the ability for Managed Security Awareness® (MA) administrators to customize program emails with Header and Footer fields. Administrators can now add custom branding text to QuickStart and awareness sessions, User Status Report emails, and User Compliance Status report emails to enable Private Labeling.

    For more information, see Customize MA emails using private labeling.

  • Added a granular enable or disable toggle to manage User Status Reports sent from the Incomplete Session Manager for Awareness and Compliance. This provides additional control of the frequency of the User Status Report notifications for MA users.

    For more information, see Enable or disable phishing simulation emails.

MDR | Syslog forwarding

MDR | Unified Portal

  • Added the Security Investigations page under the Tickets & Alerts section of the navigation menu. This page allows you to view details for ticketed or closed investigations, including the investigation timeline of actions taken.

    For more information, see Security Investigations.

January 8, 2026

MDR, Managed Risk, Managed Security Awareness® (MA), Incident Readiness and Response | MSP Portal
  • Added a notifications feature to the MSP Portal. To view announcements about new features and enhancements, click Notifications.
  • Added Engagement Type and IR Plan Status columns to the home page.

    For more information, see View customer organizations.

  • Added tooltips for abbreviated subscription names in the Subscriptions column. To view the full name of a subscription, hover over an abbreviation.