WatchGuard ThreatSync equips organizations with XDR capabilities
WatchGuard launched ThreatSync, a comprehensive XDR solution included as part of WatchGuard’s Unified Security Platform architecture that provides XDR technology for WatchGuard Network and Endpoint Security products.
WatchGuard ThreatSync equips organizations with XDR capabilities to centralise cross-product detections and orchestrate the automated response to threats from a single pane of glass. It simplifies cybersecurity while improving visibility and response to threats across the organisation faster, reducing risk and cost and providing higher accuracy that would otherwise be impossible.
“Securing complex networks amid a constantly changing cybersecurity threat landscape requires unified visibility and fast, integrated response capabilities,” said Ricardo Arroyo, principal product manager at WatchGuard Technologies. “ThreatSync equips our partners and customers with true XDR capabilities through WatchGuard’s consolidated tooling. Not only does ThreatSync simplify cybersecurity and empower them to work more effectively and efficiently, but it also reduces risk and cost – all while providing a higher degree of accuracy that would be impossible to achieve otherwise.”
For MSPs, XDR reduces the burden on staff by enabling teams to share knowledge from within one security platform. At the same time, XDR increases protection and improves outcomes by combining different security layers. Key features of WatchGuard’s ThreatSync solution include:
Zero configuration – WatchGuard security products are well known for being easy to deploy and easy to manage. From licensing to operations, that simplicity improves efficiency and is fully aligned with the company’s mission to provide a platform that simplifies every aspect of security delivery. As a key component of WatchGuard’s Unified Security Platform®, ThreatSync provides a fully integrated cross-product platform, reducing the costs associated with configuring and integrating multiple point solutions in-house.
Comprehensive security – WatchGuard offers a complete portfolio of security products and services that work in concert to protect environments, users, and devices. ThreatSync leverages WatchGuard’s Network Security and Endpoint Detection and Response (EDR) capabilities to provide cross-detections that are collected and turned into actionable insights in real time through one single pane of glass designed explicitly for service provider end-to-end security management.
Unified threat visibility – ThreatSync increases accuracy and speeds up detection by automatically unifying threat data across the entire WatchGuard security stack in a single interface, with a UX geared for incident responders. ThreatSync gathers and displays cross-product detections in computers, servers, and firewalls from a single pane of glass, eliminating the need for administrators to learn and use multiple consoles. This enables security professionals to enjoy a consolidated user experience while gaining broader incidents context around detection, allowing them to respond to and stop advanced threats faster.
Unified threat detection – ThreatSync provides extended detection capabilities by correlating data from different protection layers of the security stack that indicate the presence of threat actors. By using cross-domain and correlating activities monitored from different WatchGuard security products, ThreatSync scores and detects malicious scenarios that could be indicators of compromise (IoCs). This decreases the mean time to detect (MTTD) while enabling swift overall containment of the impact, severity, and scope.
Unified threat response orchestration – When security experts and IT admins have the information they need, it is easy to respond quickly, even if the device is not physically available. ThreatSync reduces mean time to respond (MTTR) by enabling automated response actions to neutralize threats across organizations in a simpler and faster process, reducing risk and offering higher accuracy. All of this is managed from WatchGuard Cloud, the company’s industry-leading, centralised security visibility and MSP-specific management interface.
ThreatSync is a WatchGuard unified security feature included by default with any Firebox Total Security Suite (TSS) subscription and WatchGuard EDR and EPDR products. The more WatchGuard products you have, the more visibility and expanded XDR features you gain access to.
As a result, partners and customers will benefit from extended protection and improve security posture by reducing and automating the MTTD (mean time to detect) and MTTR (mean time to respond) – meaning increased efficiency, both in cost and operational effectiveness.
“As cybersecurity professionals, we’re charged with protecting a growing and increasingly complex threat surface. We’ve been looking for a Cloud-based solution that correlates cross-domain data feeds to unify and accelerate threat detection and response,” said Steve LaRose, VP of technical operations at Advanced Network Systems, Inc.
“ThreatSync offers an XDR solution within the WatchGuard Unified Security Platform architecture that we already know and trust and allows us to elevate the level of security efficacy and efficiency we’re delivering to our customers,” added LaRose.