WatchGuard Endpoint Security Portfolio
Zero-Trust Means 100% of Processes Are Accurately Classified
Our exclusive Zero-Trust Application Service enables continuous endpoint monitoring, detection and classification of all activity to reveal and block anomalous behaviors of users, machines and processes. While our Threat Hunting Service proactively discovers new hacking and evasion techniques and tactics. The two features-as-a-service included in our advanced endpoint security solutions to detect and classify 100% of processes running on all your endpoints.
Advanced Security to Stop Breaches
Unified Endpoint Protection (EPP) and Endpoint Detection and Response (EDR) capabilities, with our unique Zero-Trust Application Service and Threat Hunting Service in one single solution, to effectively detect and classify 100% of processes running on all the endpoints within your organization.
Cloud-delivered endpoint prevention, detection, containment and response technologies against advanced threat, zero-day malware, ransomware, phishing, in-memory exploits and malware-less attacks. It also provides IDS, firewall, device control, email protection, URL & content filtering capabilities.
Intelligent Endpoint Detection and Response
Intelligent EDR that automates the detection, classification and response to all the endpoint activity. Automatically detects suspicious behaviors to block and respond to breaches, malware and advanced threats.
Its technology is based on the Zero-Trust Application Service, which provides full and accurate visibility on endpoints, applications and users and denies any suspicious execution.
This flexible, extensible and automated EDR solution can sit on top of any other EPP solution existing within your organization.
Zero-Trust Application Service
This service classifies as either malware or as trusted, prior to letting only the trusted execute on each endpoint. It enables a continuous endpoint monitoring, detection and classification of all activity to reveal and block anomalous behaviors of users, machines and processes. It has three key components:
- Continuous monitoring of endpoint activity to send every application running on the endpoints to our cloud platform for its classification.
- AI-based classification based on multiple machine learning (ML) algorithms to process hundreds of static, behavioral and context attributes in real-time.
- Risk-based application control to default-deny for any unknown application or binary.
Our AI system automatically classifies 99.98% of all running processes. The remaining percentage is manually classified by our malware experts. This approach allows us to classify 100% of all binaries without creating false positives or false negatives.
Threat Hunting Service
The Threat Hunting and Investigation Service is operated by our analysts to detect hacking and Living-off-the-Land techniques. Through their conclusions, they also enrich our machine learning algorithms. Our team of cybersecurity experts analyzes any suspicious case and investigates the indicators of attack to find evasion and compromise techniques (TTPs) in the event stream. Our hunters also proactively search for patterns of anomalous behavior not previously identified on the network.
- Reduce the MTTD and MTTR (Mean Time To Detect and Mean Time To Respond)
- Create new rules representing new IoAs that can be delivered to the endpoints to rapidly protect them against new attacks.
- Get recommendations on how to mitigate the attack and reduce the attack surface to avoid falling victim to future attacks.
Find out which one fits your corporate protection needs designed for maximum protection with minimal complexity, our advanced solutions are simply packaged to take the guesswork out of endpoint security.
|Lightweight cloud-based agent||✔||✔|
|Real-time endpoint monitoring||✔||✔|
|Collective Intelligence lookups in real-time||✔||✔|
|Cloud-based big data Analytics||✔||✔|
|Zero-Trust App Service: Pre-execution, execution and post-execution|
|In memory behavior anti-exploits||✔||✔|
|Behavioral IOA detection||✔||✔|
|Protection of systems when files are created||✔|
|IDS, Firewall and Device Control||✔|
|Web browsing and Email protection||✔|
|Category-based URL filtering||✔|
|Exchange server protection: Antispam and content filtering||✔|