Home Editorial WatchGuard uses advanced AI on ThreatSync+ NDR

WatchGuard uses advanced AI on ThreatSync+ NDR

by Geny Caloisi

WatchGuard® Technologies, a provider of unified cybersecurity, has launched ThreatSync+ NDR and WatchGuard Compliance Reporting. 

Businesses of any size with smaller IT teams or limited cybersecurity resources can benefit from ThreatSync+ NDR. Using an advanced AI detection engine, ThreatSync+ NDR automates and simplifies continuous monitoring, detection, and remediation of threats. The software surfaces actionable threats and risks quickly and efficiently from billions of network flows. Using this open XDR solution, enterprises with the resources to manage their security operations centres can gain visibility into north/south network traffic.  

A modern AI-based threat detection and response system

This technology comes from WatchGuard’s acquisition of CyGlass in 2023, a key component of ThreatSync+ NDR. This technology comes from WatchGuard’s acquisition of CyGlass in 2023, a key component of ThreatSync+ NDR. 

“The deployment of ThreatSync+ NDR will help our teams gain unprecedented visibility into network-based threats and risky behaviours of which customers were previously unaware,” said James McMillan, co-founder and CTO of Redinet Limited. “It will help us get deeper insights into the different devices operating on the network and the risks they are creating — and it offers guidance on how to address these issues best. I love the product, and I think it will make up a very important part of WatchGuard’s future.” 

ThreatSync+ NDR In Action 

ThreatSync+ NDR watches for attacks as they unfold in the network and excels at finding attacks that have eluded perimeter defences, including ransomware, vulnerability and supply chain attacks. Attackers cannot see ThreatSync+ NDR because it uses AI to search out the attackers’ actions buried in the network traffic. At the same time, attackers cannot hide because they must use the network to expand their attacks. That means NDR is uniquely capable of detecting unfolding attack stages, including command and control calls, lateral movement in the network, reconnaissance scans done on networks and subnets, data-staging movement in the network, malware and encryption packages being deployed in the network, and data exfiltration. 

ThreatSync+ NDR Is Accessible and Cost-Optimised 

  • Rapid Deployment with No Hardware: Other NDR tools are complex to operate and force the deployment of multiple hardware clusters. ThreatSync+ NDR operates in the WatchGuard Cloud, deploys in less than an hour per location — and instantly when using WatchGuard Firebox firewalls — requires no new on-premises hardware and its simplicity makes it easy to manage for small IT teams. 
  • ThreatSync+ NDR delivers enterprise-class machine learning. It is one of the market’s most advanced AI detection engines, with specialised AI models to detect cyber threats like ransomware, vulnerability-based attacks, supply chain attacks, and more. It watches continuously, 24×7, looking for the attacks that get through perimeter defences.  
  • ThreatSync+ NDR automates and simplifies continuous monitoring, detection, and remediation. It uses AI to reduce the IT workload, and the solution’s dashboards, guidance, and reporting enable any IT team member to operate it. 
  • Open XDR. ThreatSync+ NDR works seamlessly with WatchGuard Firebox, adding to WatchGuard ThreatSync XDR intelligence and remediation. It also supports third-party firewalls, industry-standard routers, and switches, making it effective in any organisation.

“The launch of ThreatSync+ NDR is the latest example of WatchGuard’s continued focus on our partner’s opportunity to protect customers better and expand their service offerings by adding to our Unified Security Platform,” said Ben Oster, vice president of product management at WatchGuard Technologies. “ThreatSync+ NDR makes it exceptionally easy to bring the latest innovations in cybersecurity to businesses of every size so that MSPs meet the evolving threat landscape with up-levelled defences and create new service revenue streams.”  

WatchGuard Compliance Reporting 

Often, NDR and XDR tools do not include a compliance reporting capability or rely on expensive, complex Governance Risk and Compliance (GRC) products. WatchGuard Compliance Reporting fills that gap with a simple-to-use and automated report creation framework.  

WatchGuard Compliance Reporting activates the hundreds of network controls from ThreatSync+ NDR to work with automated or manual reporting. The network controls defined by NIST, ISO, CISA and Cyber Essential standards are easily enabled at deployment. WatchGuard Compliance Reporting allows IT and compliance teams to further report on the regulatory laws built from these standards. 

Compliance reports that come out of the box include FFIEC, NIST-171, CMMC, GPDR, IEEE, and many more. Reports are also easily configured in compliance with custom standards imposed by a cyber insurer, industry standards like Motion Picture Association (MPA) compliance, or supply chain vendor third-party risk assessments.  


Related Articles

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More

Privacy & Cookies Policy