WatchGuard Tackles Malware in Threat Detection Upgrade

WatchGuard says cybercriminals are developing more and more sophisticated attacks that evade basic antimalware.

James Anderson, Senior News Editor

July 24, 2019

2 Min Read
Threat Detection Malware
Shutterstock

WatchGuard Technologies just enhanced its threat correlation and response platform to make MSSPs’ lives easier.

The Seattle-based vendor says its ThreatSync platform now includes accelerated breach detection, network process correlation and AI-powered threat analysis. WatchGuard made the new features available via its threat detection and response (TDR) platform.

The company declared that its MSP partners can now more quickly detect and contain threats, and automatically address zero-day malware. Brendan Patterson, WatchGuard’s vice president of product management, said cybercriminals are developing more and more sophisticated attacks that evade basic antimalware.

Patterson-Brendan_WatchGuard-e1564005689328.jpg

WatchGuard’s Brendan Patterson

“Midmarket organizations without adequate security expertise and resources rely heavily on trusted IT solution providers to rapidly and effectively respond to attacks,” Patterson said. “These new ThreatSync capabilities arm MSPs with the tools they need to provide malware detection and response (MDR) services by detecting breaches in minutes and automatically mitigating advanced attacks for their customers, all through their existing TDR deployments.”

The Ponemon Institute estimates that the average security breach takes 197 days to identify and another 69 to contain. An IBM Security Study published earlier this week concluded that companies  containing breaches within 200 days lost $1.2 million less than their peers.

WatchGuard’s recent Internet Security Report found that “zero day” malware, which attack previously unknown system vulnerabilities, comprised 36% of threats.

“With each passing day a security threat goes unnoticed, its potential to inflict both financial and reputational harm on an organization increases drastically,” WatchGuard said.

The ThreatSync platform quarantines the compromised host machine from the rest of the network and automatically identifies and begins to remedy infected endpoints. The platform also shows how the initiating endpoint and process for malicious outbound connections.

“This feature provides MSPs and network administrators with detailed contextual information on the network destination, service name, host name and process, allowing them to successfully respond and prevent future instances,” WatchGuard wrote.

WatchGuard’s director of product management earlier this year shared advice for securing mobile and remote employees.

Read more about:

MSPs

About the Author

James Anderson

Senior News Editor, Channel Futures

James Anderson is a senior news editor for Channel Futures. He interned with Informa while working toward his degree in journalism from Arizona State University, then joined the company after graduating. He writes about SD-WAN, telecom and cablecos, technology services distributors and carriers. He has served as a moderator for multiple panels at Channel Partners events.

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like