Arctic Wolf has announced the release of Decipio, a community-shared cybersecurity tool aimed at detecting credential theft activity inside networks, with access available to Australian organisations via a gated beta programme.
Credential theft is a common initial access method in cyberattacks but can be difficult to identify early, with many organisations only detecting it after attackers have begun using compromised credentials to move laterally or disrupt systems. Arctic Wolf said Decipio is intended to expose credential-stealing attempts earlier in the attack chain.
“As attackers automate faster and operate more quietly, defenders can’t afford to only respond after the damage is done,” said Ismael Valenzuela, VP of Threat Intelligence Research at Arctic Wolf. “Decipio represents a defense-first approach to AI-powered attacks that is designed to catch threat actors the moment they reveal themselves and gives defenders the home-field advantage. By sharing this tool with the community, we’re inviting practitioners to help shape how AI is applied responsibly in cyber defense.”
According to the company, Decipio focuses on detecting attempts to steal credentials using Windows network techniques such as LLMNR and NBT-NS abuse. Arctic Wolf said the tool is designed to provide an early-warning “tripwire” with a binary signal and minimal tuning requirements, intended to produce high-confidence indicators for investigation.
The company said the tool will be introduced publicly at the SANS AI Summit and is being released as a limited beta, with access reviewed and granted to “verified defenders”. Arctic Wolf said the gated approach is intended to reduce the risk that defensive tooling could be repurposed or accelerate attacker techniques in an environment of large-scale data scraping and automated reuse.
More information and access requests are available at https://arcticwolf.com/decipio/.
