WatchGuard Threat Detection and Response (TDR) correlates network and endpoint security events with threat intelligence to detect, prioritize and enable immediate action to stop malware attacks.
Security Information and Event Management Software
Provides visibility and correlation of network and endpoint activities
Scoring and prioritisatization
Improves security from advanced malware attacks, including ramsonware
Extends enterprise-grade threat intelligence to small and midsize business at no additional cost
Free trial. Contact for further pricing details.
Small (<50 employees), Medium (50 to 1000 employees), Enterprise (>1001 employees)
ThreatSync is WatchGuard’s new cloud-based correlation and threat scoring engine, improving security awareness and response across the network to the endpoint. ThreatSync collects event data from the WatchGuard Firebox, WatchGuard Host Sensor and cloud threat intelligence feeds, and correlates this data to generate a comprehensive threat score and rank based on severity. The lightweight WatchGuard Host Sensor extends visibility and management to the endpoint and continuously sends endpoint events up to ThreatSync for correlation and scoring. The Host Sensor detects events, sends the data to ThreatSync and enables the remediation of threats on the endpoint.WatchGuard Threat Detection and Response (TDR) correlates network and endpoint security events with threat intelligence to detect, prioritize and enable immediate action to stop malware attacks. Threat Detection and Response doesn’t require users or Managed Security Service Providers (MSSPs) to replace existing AV solutions already deployed. TDR works in tandem with existing AV, bringing an additional, powerful layer of threat detection and event correlation to catch anything that AV might miss. From distributed enterprises with 10 branch offices to small and midsize businesses (SMBs) with employees working outside of the network, it can be a struggle to manage security consistently and cohesively across your organization. It is critical for SMBs and distributed enterprise organizations to not only have visibility into both their network and endpoint event data, but to be able to quickly and efficiently leverage actionable insight to remove threats. ThreatSync, a critical component of TDR, collects event data from the WatchGuard Firebox, Host Sensor and enterprise-grade threat intelligence feeds, analyzes this data using a proprietary algorithm, and assigns a comprehensive threat score and rank. This powerful correlation engine enables cloud-based threat prioritization to empower IT team to quickly and confidently respond to threats. WatchGuard is safe, reliable and will protect your assets the right way.