Arctic Wolf launches AI-powered Aurora SOC platform

Arctic Wolf has launched the Aurora Superintelligence Platform and the Aurora Agentic SOC, two products aimed at security operations teams using AI.

The launch combines a new software platform with an operating model that puts AI agents at the centre of security work while keeping human analysts involved in validation and escalation. The system is designed for security operations centres, or SOCs, where teams monitor, investigate and respond to cyber threats.

Arctic Wolf is positioning the move as a response to concerns that agentic AI remains too unreliable for day-to-day cyber defence. It cited problems including hallucinations, model drift and weak reasoning, which it argues have limited broader use of AI-led security tools.

The platform has three core components: the Swarm of Experts, a Security Operations Graph and an AI Trust Engine. Together, they are intended to govern how software agents are trained, deployed and checked before and during use in live security environments.

The Swarm of Experts is described as an AI-led framework with humans in the loop. It uses hundreds of agents to handle security tasks from triage and investigation to response, while analysts act as validation points when incidents are escalated or when a task falls outside an agent's prior experience.

The Security Operations Graph is the data layer behind the system. Arctic Wolf said it ingests more than nine trillion telemetry events each week from multiple sources and draws on more than 14 years of operational data curated by more than 1,000 security analysts, threat hunters and incident responders. The graph also stores customer-specific business context and case history.

The AI Trust Engine sets guardrails around agent autonomy. Arctic Wolf said agents are designed to behave deterministically rather than generate speculative answers, and that each new agent must be tested in its own SOC before being released more widely. It also said all decisions are reviewed by what it calls an AI judge.

Commercial rollout

The Aurora Agentic SOC is the commercial service built on top of the platform. Arctic Wolf described it as a turnkey model for customers that do not want to build and manage their own AI-based SOC internally, a process that can require specialist staff, model governance and integration work across security and IT systems.

At launch, the service includes three classes of agents. Oversight Agents coordinate activity and validate outcomes, Authoritative Agents manage end-to-end security tasks such as triage, investigation, response, threat hunting, proactive security, risk management and context management, and Process Agents automate repetitive SOC work.

Arctic Wolf said its wider SOC operation serves more than 10,000 customers globally. In Australia, it works with hundreds of small and mid-sized organisations, including Arts Centre Melbourne, Parramatta Eels and Brighton Grammar School, and employs about 70 staff locally.

The company also disclosed performance claims tied to the new model. It said customers still average one ticket per day, while cases are resolved 15 times faster, ticket quality is three times higher and a fully turnkey agentic SOC can be deployed in as little as 10 days.

Industry uptake of AI in security operations remains early. Arctic Wolf cited Gartner estimates that AI SOC agents have reached only 1 to 5 per cent penetration of their target market, while a separate survey by ISC2 found that 30 per cent of cybersecurity teams have integrated AI security tools into operations.

Nick Schneider, President and CEO of Arctic Wolf, said the two launches are intended to address those adoption barriers directly.

"The Aurora Superintelligence Platform delivers the agentic capabilities customers have been asking for and need in the AI era.

"Faster detection and response across all attack surfaces, unmatched accuracy, and turnkey deployment that brings advanced AI online instantly. By combining superintelligent AI with human expertise, we're accelerating a shift in cybersecurity-helping organisations operate with greater confidence in a world where threat actors are also leveraging AI to power a new level and scale of attacks," Schneider said.

He made a similar case for the SOC service.

"Customers are clear: They're frustrated with AI and agentic SOC solutions that are complex to deploy, difficult to operationalise, and impossible to fully trust. What organisations really want is a partner who unlocks AI's benefits for them-with a turnkey, built-in, and accessible approach. That's exactly what the Aurora SOC delivers," Schneider said.

Dan Schiappa, President of Technology and Services at Arctic Wolf, said the company had rebuilt the security operations model around AI rather than adding automation to existing workflows.

"This breakthrough unlocks the true potential of AI for cybersecurity," Schiappa said. "Most AI solutions simply automate pieces of the old SOC model. We rebuilt the SOC from the ground up for the AI era-eliminating the guesswork around agents. The result is a safer, smarter, more powerful SOC that delivers trustworthy outcomes at scale. The AI-powered Aurora SOC is a fundamentally different model for security operations-purpose-built for modern AI, not adapted from a legacy, human-led design."

The products are being made available through Arctic Wolf's Security Operations Bundles and Aurora Managed Endpoint Security, with existing customers on those services set to receive the additions at no extra charge.