At the core of ThreatSync+ NDR is an advanced AI engine with a two-layer neural network approach. With the new offering, organizations of all sizes benefit from cross-domain visibility, alert correlation and orchestrated defense.
WatchGuard Technologies has announced the launch of ThreatSync+ NDR. The product, which can be specifically complemented by the also new WatchGuard Compliance Reporting, marks the birth of the ThreatSync+ family. ThreatSync+ NDR was developed to simplify the continuous monitoring, detection and remediation of threats using artificial intelligence (AI).
This makes it easy to break through the noise of the billions of data streams in the network. Potential risks can be located quickly and efficiently in this way, and countermeasures can be taken immediately. The open XDR solution offers insight into all network traffic from every direction, thus covering a requirement that until now only large companies - with the appropriate resources and a Security Operations Center (SOC) in their own ranks - could meet.
Advanced AI engine at the core
🔎 ThreatSync and ThreatSync+ NDR provide comprehensive and unified threat analytics (Image: WatchGuard).
At the core of ThreatSync+ NDR is an advanced AI engine with a two-layer neural network approach - a key technology that WatchGuard was able to adopt as part of the 2023 acquisition of CyGlass. The AI engine in ThreatSync+ NDR correlates anomalies, with individual incidents prioritized and presented accordingly based on a risk assessment. Managed service providers (MSPs) and IT security experts benefit from an intuitive dashboard that allows concrete conclusions to be drawn about the location of the incident, affected devices and users and the chronology, enabling them to focus on the most critical threats and to review and implement relevant damage control measures - for even better protection of the company.
"WatchGuard ThreatSync+ NDR provides an additional, sophisticated layer of protection, ensuring a previously unattainable level of security," says Marko Bauer, Managing Director of Fornax GmbH. "In the past, deploying NDR (Network Detection & Response) was difficult due to its complexity and high operating costs. Thanks to WatchGuard's cloud-based architecture, we no longer have to install or administer hardware. Nothing stands in the way of a quick, easy and cost-effective implementation of ThreatSync+ NDR. The solution offers first-class AI-based protection at an affordable price while creating significant growth opportunities for our own company."
Intelligent hazard detection thanks to AI
ThreatSync+ NDR scans the network for developing attacks and also detects patterns that evade traditional security controls at the perimeter. Ransomware, supply chain attacks or the exploitation of previously unknown vulnerabilities are effectively counteracted. ThreatSync+ NDR's AI-based mechanisms for screening network traffic are not visible to attackers. Conversely, however, they can no longer hide as they expand their machinations in the network. NDR is able to detect attack indicators at an early stage. Initial clues are reliably identified - regardless of whether they are command-and-control calls, lateral movements in the network, reconnaissance scans in networks and subnets, data provision in the network, the infiltration of malware and encryption packages or attempts at data exfiltration.
Easily accessible and cost-optimized
With ThreatSync+ NDR, previous stumbling blocks to NDR implementation are removed. The advantages:
- Fast deployment without hardware: Other NDR tools are usually extremely complex to use and require the use of multiple hardware clusters. ThreatSync+ NDR is operated in the WatchGuard Cloud and can be deployed anywhere in less than an hour, or even immediately if WatchGuard firewalls are already in place at the destination. No new hardware is required and using and managing it is not a major challenge even for smaller IT teams.
- ThreatSync+ NDR delivers enterprise-grade machine learning: One of the most advanced AI detection engines on the market uses specialized AI models to detect a wide range of modern cyber threats, including ransomware, vulnerability-based attacks, supply chain breaches, and more. Monitoring is continuous 24/7 and attacks that penetrate perimeter defenses are reliably detected.
- ThreatSync+ NDR automates and simplifies continuous monitoring, detection and remediation: By using artificial intelligence, the workload of the IT department is significantly reduced. Intuitive dashboards, understandable instructions and clear reports enable every employee to easily use ThreatSync+ NDR.
- Open XDR: ThreatSync+ NDR works seamlessly with WatchGuard Firebox and further increases the value of WatchGuard ThreatSync XDR. Third-party firewalls and industry-standard routers and switches are also supported. This means that every company can benefit from ThreatSync+ NDR.
"The launch of ThreatSync+ NDR is further proof of how closely WatchGuard is focused on the needs of its partners. Based on our Unified Security Platform, they can offer their customers even better protection and consistently expand their service offerings," emphasizes Ben Oster, Vice President of Product Management at WatchGuard Technologies. "With ThreatSync+ NDR, partners are able to score points with companies of all sizes. The path to state-of-the-art IT security functionality is now open to everyone. Managed Service Providers (MSPs) are given the necessary tools to assert themselves with their defenses in a constantly evolving threat landscape and to open up new revenue streams for themselves."
WatchGuard Compliance Reporting
Many NDR and XDR tools on the market do not include compliance reporting functionality or implementation requires interaction with additional, expensive and complex governance risk and compliance (GRC) products. WatchGuard Compliance Reporting now closes this gap with an easy-to-use framework for reporting that can also be automated. Whether manual or automated: When generating reports, feedback from hundreds of security control mechanisms in the network - activated when using ThreatSync+ NDR - is incorporated, with all of the requirements and cyber-essential standards defined by NIST, ISO, CISA and being met and adhered to.
In addition, IT and compliance teams can use WatchGuard Compliance Reporting to further enrich reports in line with regulatory requirements. Standard compliance reports include FFIEC, NIST-171, CMMC, GPDR, IEEE, and many more. Reports can also be easily configured and customized to meet cyber insurance requirements, specific industry standards, or supply chain partner risk assessments.
New ThreatSync+ product family expands WatchGuard’s XDR strategy
All of WatchGuard's XDR products are connected via the WatchGuard ThreatSync architecture. Insights and knowledge can be shared across the entire Unified Security Platform architecture in line with WatchGuard's XDR strategy. Each new or enhanced XDR function therefore adds value to the overall structure of the ThreatSync+ product family. Each individual product increases the overall impact, and the synergy potential can be exploited at no additional cost. The AI engine of ThreatSync+ is based on advanced threat detection and analysis and, as an open XDR solution, also supports the integration of third-party providers. Customers can easily adapt and further develop their XDR approach to their individual needs using additional ThreatSync+ licenses - starting with ThreatSync+ NDR, which will be followed by other ThreatSync+ products in the future.
More at WatchGuard.com
About WatchGuard WatchGuard Technologies is one of the leading providers in the field of IT security. The extensive product portfolio ranges from highly developed UTM (Unified Threat Management) and next-generation firewall platforms to multifactor authentication and technologies for comprehensive WLAN protection and endpoint protection, as well as other specific products and intelligent services relating to IT security . More than 250.000 customers worldwide rely on the sophisticated protection mechanisms at enterprise level,