- Top 10 sensors market 2017-2022
- Sony batteries for Samsung’s Galaxy 8 smartphone
- Temperature controller has self-contained control system
- Electrical fingerprint technology helps with energy savings
WatchGuard Technologies has announced Threat Detection and Response (TDR), a new cloud-based service that gives businesses the ability to detect advanced threats on endpoints, correlate this with data collected from the network and empower them to centrally respond.
TDR pairs detection and response capabilities on the endpoint with a comprehensive set of industry-leading Unified Threat Management (UTM) network security services.
“As cyber criminals continue to leverage increasingly varied and sophisticated threat vectors, many companies’ endpoints represent under-secured, unnecessary risks for customers, partners, and internal users.” said Andrew Young, SVP of product management at WatchGuard. “By correlating our enterprise-grade network security services with data collected from each individual device, WatchGuard can now provide actionable intelligence that enables comprehensive security from the network to the endpoint.”
TDR further allows organisations to protect themselves from cyber threats by correlating events from their UTM appliances and their endpoints. This pinpoints malicious behaviours by using heuristics and threat intelligence, and scores them by risk and severity.
The new service includes the following features and benefits:
- ThreatSync – provides real-time threat detection and policy-based automated response through cloud-based correlation and scoring. It consumes event data from Firebox appliances, Host Sensors on endpoints, and cloud threat intelligence feeds, correlates the data to generate comprehensive threat scores, and initiates automatic malware response tactics. This intelligent prioritisation of each individual threat based on its overall level of risk ultimately allows organisations to decrease time to detection and remediation
- Lightweight Host Sensors – extend organisations’ visibility and management to the endpoint by continuously scanning and monitoring security events on devices and sending them back to ThreatSync for analysis, scoring and remediation. Previously a frustrating security blind spot for most organisations, this constant flow of data from devices beyond the traditional network perimeter allows users to visualise and address endpoint threats.
- UTM Network Security Services – add yet another layer of intelligence into the correlation and scoring process.
- Host Ransomware Prevention (HRP) module – enables industry-leading prevention against ransomware attacks. Host Ransomware Prevention, along with the advanced malware protection provided through APT Blocker, blocks the execution of ransomware before file encryption takes place on the endpoint, mitigating the ransomware attack before any damage is done.
- Additional Security Layer to Existing Antivirus (AV) – means that users or MSSPs don’t need to replace existing AV solutions already deployed. TDR works in tandem with existing AV, bringing an additional, powerful layer of threat detection and event correlation to catch anything that AV might miss or be unable to remediate.