class="news-template-default single single-news postid-7390 wp-custom-logo tribe-no-js">
WatchGuard Supercharges Comprehensive Threat Detection and Response with AI-Driven ThreatSync+ NDR
A new addition to WatchGuard’s ThreatSync family for unified visibility, alert correlation, and orchestrated threat response — accessible to any organization
SEATTLE – June 25, 2024 – WatchGuard® Technologies, a global leader in unified cybersecurity, today announced the launch of ThreatSync+ NDR and WatchGuard Compliance Reporting. ThreatSync+ NDR is uniquely suited for businesses of any size that operate with smaller IT teams or limited cybersecurity resources. The first in a new ThreatSync+ family of products, ThreatSync+ NDR automates and simplifies continuous monitoring, detection, and remediation of threats using an advanced AI detection engine. It cuts through the noise of billions of network flows to surface actionable risks and threats quickly and efficiently. This open XDR solution delivers visibility into east/west and north/south network traffic that was previously only available to large enterprises with the resources to manage their own security operations center (SOC).
Modern AI for Superior Threat Detection and Response
ThreatSync+ NDR utilizes an advanced AI engine with a dual-layered neural network approach, a key technology from WatchGuard’s acquisition of CyGlass in 2023. The AI engine in ThreatSync+ correlates and presents anomalies as risk-scored and prioritized incidents, giving managed service providers (MSPs) and IT security pros an intuitive dashboard that includes incident location, devices, users, and timelines, empowering them to focus on the most critical threats, review guidance on mitigation, and ultimately, better protect their organizations.
“WatchGuard ThreatSync+ NDR provides an additional layer of advanced protection that was previously out of reach,” said Don Gulling, founder and chief executive officer at Verteks Consulting. “In the past, delivering NDR was difficult due to its complexity and high operating costs. Because WatchGuard’s cloud-based architecture doesn’t require us to install or manage any hardware, we can quickly, easily and cost-effectively deploy ThreatSync+ NDR for our customers. With the affordable, world-class AI-based protection offered by WatchGuard ThreatSync+NDR, we can now bring our customers increased protection while also creating significant growth opportunity for our business.”
ThreatSync+ NDR In Action
ThreatSync+ NDR watches for attacks as they unfold in the network and excels at finding attacks that have eluded perimeter defenses including ransomware, vulnerability and supply chain attacks. Attackers cannot see ThreatSync+ NDR because it uses AI to search out the attackers’ actions buried in the network traffic. At the same time, attackers cannot hide because they must use the network to expand their attack. That means NDR is uniquely capable of detecting unfolding attack stages, including command and control calls, lateral movement in the network, reconnaissance scans done on networks and subnets, data-staging movement in the network, malware and encryption packages being deployed in the network, and data exfiltration.
ThreatSync+ NDR Is Accessible and Cost-Optimized
- Rapid Deployment with No Hardware. Other NDR tools are complex to operate and force the deployment of multiple hardware clusters. ThreatSync+ NDR operates in the WatchGuard Cloud, deploys in less than an hour per location — and instantly when using WatchGuard Firebox firewalls — requires no new on-premises hardware, and its simplicity makes it easy to manage for small IT teams.
- ThreatSync+ NDR delivers enterprise-class machine learning. It is one of the market’s most advanced AI detection engines, with specialized AI models to detect cyber threats like ransomware, vulnerability-based attacks, supply chain attacks, and more. It watches continuously, 24×7, looking for the attacks that get through perimeter defenses.
- ThreatSync+ NDR automates and simplifies continuous monitoring, detection, and remediation. It uses AI to reduce the IT workload, and the solution’s dashboards, guidance, and reporting enable any IT team member to operate it.
- Open XDR. ThreatSync+ NDR works seamlessly with WatchGuard Firebox and adds to WatchGuard ThreatSync XDR intelligence and remediation. It also supports third-party firewalls and industry-standard routers and switches, making it effective in any organization.
“The launch of ThreatSync+ NDR is the latest example of WatchGuard’s continued focus on our partner’s opportunity to better protect customers and expand their service offerings by adding to our Unified Security Platform,” said Ben Oster, vice president of product management at WatchGuard Technologies. “ThreatSync+ NDR makes it exceptionally easy to bring the latest innovations in cybersecurity to businesses of every size so that MSPs meet the evolving threat landscape with up-leveled defenses and create new service revenue streams.”
WatchGuard Compliance Reporting
All too often, NDR and XDR tools do not include a compliance reporting capability or rely on expensive, complex Governance Risk and Compliance (GRC) products. WatchGuard Compliance Reporting fills that gap with a simple-to-use report creation framework, and automated report creation.
WatchGuard Compliance Reporting puts the hundreds of network controls activated from ThreatSync+ NDR to work with automated or manual reporting. The network controls defined by NIST, ISO, CISA and Cyber Essential standards are easily enabled at deployment. WatchGuard Compliance Reporting allows IT and compliance teams to further report on the regulatory laws built from these standards. Compliance reports that come out-of-the-box include FFIEC, NIST-171, CMMC, GPDR, IEEE, and many more. Reports are also easily configured in compliance with custom standards imposed by a cyber insurer, industry standards like Motion Picture Association (MPA) compliance, or supply chain vendor third-party risk assessments.
Expanding WatchGuard’s XDR Strategy with the New ThreatSync+ Family of Products
The WatchGuard ThreatSync architecture centralizes our XDR products and strategy for beneficial shared knowledge and insights across the Unified Security Platform architecture. As XDR capabilities grow and evolve, so will WatchGuard’s ThreatSync family. Its core capabilities create the unified remediation and response engine necessary for XDR, and these benefits are available with each sale of qualifying WatchGuard products at no additional charge. The ThreatSync+ AI engine layers on advanced threat detection and analysis and supports third-party participation for an open XDR solution. Customers can add ThreatSync+ licenses to customize their XDR approach so that it fits their unique needs, beginning with ThreatSync+ NDR and including other ThreatSync+ products in the future.
For more information about WatchGuard ThreatSync+ NDR, click here.
Additional Resources:
WatchGuard ThreatSync+ NDR Datasheet
WatchGuard ThreatSync+ NDR Use Case White Paper
Threat-Ransomware Report Feature Brief
Compliance Reporting Datasheet
Recommended Articles
