WatchGuard Technologies, a Seattle-based provider of firewall hardware, network security and unified threat management (UTM) solutions, has updated its cloud-based Threat Detection and Response (TDR) service for MSSPs.
Now, MSSPs can use TDR to automatically analyze suspicious endpoint files within a cloud sandbox and identify behaviors associated with persistent threats, zero day attacks and malware, WatchGuard said in a prepared statement.
TDR previously leveraged WatchGuard’s APT Blocker cloud sandbox solution to analyze threats from inside the network perimeter, according to WatchGuard.
With the TDR update, APT Blocker’s next-generation cloud sandboxing capabilities have been extended outside networks, ensuring MSSPs can consume threat data directly from an endpoint for analysis, WatchGuard said.
What Is TDR?
TDR is a cloud-based service that combines network and endpoint security events with threat intelligence to help MSSPs detect, prioritize and enable immediate action to prevent malware attacks, WatchGuard noted.
The service empowers MSSPs with advanced malware defense tools, WatchGuard stated, and these tools include:
APT Blocker: Emulates target environments and safely executes potentially malicious files from both a network and endpoint to analyze their behavior.
Host Ransomware Prevention (HRP) Module: Uses behavioral analysis to identify ransomware-specific characteristics in cyber threats and automatically shuts down ransomware assaults.
ThreatSync: Collects and analyzes threat event data in real-time.
TDR enables MSSPs to service subscriptions without spending as much time at customer sites for new deployments or troubleshooting, WatchGuard said. By doing so, the service helps MSSPs build an additional recurring revenue stream by monetizing continuous threat detection and response services.
With the acquisition, WatchGuard’s MSP and value-added reseller (VAR) partners will be able to offer Datablink advanced authentication as part of a cloud-based service that is expected to be available next year, WatchGuard CEO Prakash Panjwani said.
In addition, the Datablink acquisition allows WatchGuard to bolster its network and wireless security solutions portfolio and make multi-factor authentication (MFA) accessible to small and medium-sized businesses (SMBs) and distributed enterprises, the company noted.
Today, WatchGuard offers network security, secure Wi-Fi and network intelligence products and services to more than 80,000 customers worldwide. The company also provides the WatchGuardONE Channel Partner Program, which enables MSSPs and other partners to deliver WatchGuard security solutions to customers around the world.