WatchGuard® Technologies, a global leader in unified cybersecurity, today announced that it has been recognized as a leader by GigaOm in its latest Radar Report on the endpoint detection and response (EDR) market. GigaOm specifically classifies WatchGuard as an “Outperformer” that is “rapidly innovating its EDR solution” and “bringing capabilities to the space that are valued by both large and small organizations.”
The report evaluated WatchGuard’s advanced Endpoint Protection Detection and Response (EPDR) solution, which includes Endpoint Protection (EPP) and Endpoint Detection and Response (EDR) for comprehensive protection against sophisticated cyber threats. With continuous monitoring, detection, and classification of all activity, WatchGuard Advanced EPDR reveals and blocks anomalous behaviors on computers, servers, and processes while proactively alerting security teams to new hacking and evasion techniques.
“This is a great validation of the capabilities and value we bring to the EDR market,” said Andrew Young, chief product officer at WatchGuard Technologies. “Advanced endpoint security capabilities are essential to protect the modern distributed enterprise and a core component of our Unified Security Platform® architecture. We’re constantly striving to deliver enterprise-grade cybersecurity solutions easily accessible for MSPs to deploy and manage.”
GigaOm noted that WatchGuard Advanced EPDR is a “very well-rounded and capable” solution, calling out as a differentiator its ability to identify previously unknown applications through its Zero-Trust Application Service. WatchGuard Advanced EPDR combines the widest range of endpoint protection technologies (EPP) with automated detection and response (EDR) capabilities. It also has two services, managed by WatchGuard experts, that are delivered as a feature of the solution. The Zero-Trust Application Service classifies 100% of processes by default, denying any execution until it is certified as trusted, and the Threat Hunting Service automatically processes all data gathered from telemetry, identifying indicators of attack (IOAs).
Other key features called out by GigaOm include:
- Osquery integration for rapid forensic evidence collection and interrogation
- Jupyter Notebook integration for Runbook management
- Ability to remotely isolate potentially infected endpoints for further evaluation
In addition, GigaOm pointed out that WatchGuard Advanced EPDR includes managed threat hunting, which often requires a separate license from other vendors. This is especially important for smaller organizations that may not have the resources or expertise to perform threat hunting on their own.