Network security solutions provider WatchGuard Technologies has released Threat Detection and Response (TDR), a new cloud-based service that gives small and midsize businesses (SMBs) and managed security service providers (MSSPs) the ability to detect advanced threats on endpoints, correlate this with data collected from the network, and empower them to centrally respond. Now available with WatchGuard Total Security Suite, TDR pairs detection and response capabilities on the endpoint with a comprehensive set of Unified Threat Management (UTM) network security services.
The new service features:
- ThreatSync – Provides real-time threat detection and policy-based automated response through cloud-based correlation and scoring. It consumes event data from Firebox appliances, Host Sensors on endpoints, and cloud threat intelligence feeds, correlates the data to generate comprehensive threat scores, and initiates automatic malware response tactics.
- Lightweight Host Sensors – Continuously scans and monitors security events on devices and sends them back to ThreatSync for analysis, scoring, and remediation.
- UTM Network Security Services – An added layer of intelligence into the correlation and scoring process. WatchGuard Firebox M Series, T Series and XTMv appliances, as well as existing TSS services like APT Blocker, WebBlocker, Reputation Enabled Defense, and Gateway AntiVirus, also pass threat data through ThreatSync.
- Host Ransomware Prevention (HRP) module – Host Ransomware Prevention, along with the advanced malware protection provided through APT Blocker, blocks the execution of ransomware before file encryption takes place on the endpoint, mitigating the ransomware attack before any damage is done.
The service also adds an additional security layer to existing antivirus solutions by catching anything that the antivirus might miss or be unable to remediate.
"As cyber criminals continue to leverage increasingly varied and sophisticated threat vectors, many companies' endpoints represent under-secured, unnecessary risks for customers, partners, and internal users." says Andrew Young, SVP of product management at WatchGuard. "By correlating our enterprise-grade network security services with data collected from each individual device, WatchGuard can now provide actionable intelligence that enables comprehensive security from the network to the endpoint."
Threat Detection and Response Service is now available as part of the WatchGuard Total Security Suite. For more information, visit www.watchguard.com/TDR.