The cybersecurity field is past the time when next-generation antivirus (NGAV) and endpoint protection platforms (EPP) alone can protect organizations from the rapidly evolving cyberthreats facing them, according to
Michelle Welch, chief marketing officer and senior vice president of business strategy for
WatchGuard Technologies.
“Cyberattacks are faster, stealthier, and more adaptive than ever,” Welch told MSSP Alert. “NGAV and EPP alone can only block what they recognize; they don’t detect or respond when attackers use fileless or living-off-the-land techniques. Once prevention fails, you’re effectively blind. One bypass leaves the entire environment exposed.”
The Seattle-based vendor, which offers a unified security platform for MSPs, “believes today’s organizations need - and deserve - more to stay safe in this ever-evolving threat landscape,” she added.
That’s a driving factor behind WatchGuard’s release this week of Endpoint Security Prime, which combines AI-powered endpoint detection and response (EDR) capabilities with NGAV. Company executives said the merging of the two will better protect enterprises and SMBs against outside threats while immediately stopping any that do get through.
It also gives MSPs and MSSPs something they can offer clients dealing with the growing numbers and sophistication of modern cyberthreats.
“We’re closing the gap left by many legacy AV solutions and offering customers a chance to feel more confident in their endpoint security,” Welch said. “It combines AI-powered EDR, advanced malware and exploit detection, and built-in attack surface reduction to stop threats in real time. Prime resets the baseline, delivering full endpoint defense at a price point every organization can afford.”
AI and Cybersecurity
Endpoint Security Prime follows the trend in the cybersecurity space of using AI to protect against threat actors that are increasingly using the technology in their attacks. WatchGuard’s new offering includes
self-learning AI agents that can detect anomalies, analyze behavior, and investigate and remediate threats in milliseconds, even while offline, according to the vendor.
AI is key to not only Endpoint Security Prime but all of the vendor’s endpoint security products, Welch said, adding that the capabilities of the AI agents “dramatically reduce dwell time and false positives while freeing security teams from endless manual triage.”
It is also critical for MSSPs and MSPs, she said.
“For MSPs managing hundreds or thousands of endpoints, AI isn’t a buzzword; it’s the only way to scale protection without scaling headcount,” Welch said. “It makes the difference between reactive defense and proactive, automated resilience.”
A Dual Role
AI plays a dual role in cybersecurity, according to cloud computing and security company
Akamai Technologies.
“On one hand, cybercriminals are using AI to conduct more sophisticated and targeted cyberattacks; on the other hand, AI is driving significant advancements in cybersecurity defenses, enabling security teams to identify and respond to attacks with greater speed and precision than ever before,” the Cambridge, Massachusetts, company
wrote earlier this year. “As AI systems become more advanced, they’re predicted to take on an even greater role in cyber defense in the coming years. AI is likely to bring further advancements in threat detection and mitigation, allowing cybersecurity teams to continually scale their efforts and react to threats faster.”
To better control the attack surface, WatchGuard’s new offering includes such endpoint-protection features as built-in vulnerability management, device control, web filtering, anti-phishing, and tamper protection.
An Expanding Platform Play
The vendor is also building out its platform at a time when organizations and MSPs are looking for the simplicity, consistency, and control
such platforms deliver, Welch said. WatchGuard customers can start with a packaged endpoint solution like Endpoint Security Prime, then add other capabilities that include its Zero-Trust Application Services, Endpoint Access Enforcement, and other security operations tools.
“All of this connects seamlessly into our Unified Security Platform, which brings endpoint, network, and identity security together under one framework,” she said. “That means centralized visibility, shared threat intelligence, and automated response across every layer.”
WatchGuard’s Endpoint Security Prime is available now in North America as part of an early program through December 31. It will become globally available – along with additional endpoint security packages – early next year.
It comes a week after WatchGuard unveiled the
latest generation of its Firebox rackmount systems – the Firebox M Series – that deliver better security and performance capabilities than previous iterations.
