2025 Arctic Wolf Security Operations Report

2025 Arctic Wolf Networks, Inc. All rights reserved. | Public

Table of Contents

Foreword
Key Takeaways
Data Sources
Detecting Threats Across the Entire Attack Surface
Analyzing Telemetry to Uncover Potential Threats
Threat Intelligence Spotlight
24x7 Vigilance Is Essential
Mega Event Spotlight: Fortinet "Console Chaos"
Triaging Alerts to Eliminate False Positives
Top 3 Reasons for Alert Tickets
Not All Alerts Are Equal
Increasing Efficiency with AI Powered Human Experts
Rapid Detection and Validation are Essential for Reducing Dwell Time
Investigating Threats
Responding to Threats with Speed and Precision
A Familiar Trio of Industries Tops the Charts
Mega Event Spotlight: SonicWall (CVE-2024-40766)
Conclusion

ARCTIC WOLF | 2025 SECURITY OPERATIONS REPORT

Foreword

This concern is echoed in the FBI's 2024 Internet Crime Report, which reveals a staggering 28% increase in reported losses year-over-year, reaching $16 billion (USD), up from $12.5 billion the year prior. This increase is ultimately a flashing siren, directing our attention towards the disconnect between investment and security outcomes.

Our analysis suggests that the gap between effort and effectiveness is driven by compounding operational failures, which history has proven cannot be solved with more money and tools. Instead, we must address the core factors driving this "effectiveness gap," including a focus on security checklists over security operations, legacy platforms ill-equipped for modern IT environments, the one-size-fits-all models that ignore unique organizational context, and legacy attitudes that presume outdated adversarial tactics rather than the adaptive, autonomous techniques reshaping today's threat landsc