International Cyber Expo International Cyber Expo
  • About Us
Wednesday, 15 July, 2026
IT Security Guru
International Cyber Expo
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Next-Gen Cloud Sandboxing Improves Malware Detection and Remediation

by The Gurus
September 21, 2017
in Editor's News
Share on FacebookShare on Twitter

WatchGuard’s new generation of cloud-based sandboxing technology is able to automatically analyse suspicious endpoint files to identify behaviour associated with persistent threats, zero day attacks and evasive malware, to deliver fast and confident endpoint threat remediation. The new service correlates network and endpoint security events – on or off the corporate network – with threat intelligence, to detect, prioritise and enable immediate action to stop malware attacks.
 
Aimed at small and midsize businesses (SMBs), distributed enterprises and managed security service providers (MSSPs), WatchGuard’s latest version of its Threat Detection and Response (TDR) solution introduces direct integration between endpoint host sensors and APT Blocker, WatchGuard’s cloud sandbox solution. With this new TDR update, APT Blocker is extending its powerful next-gen cloud sandboxing capabilities from inside the network to individual devices outside of the network, consuming threat data directly from the endpoint for analysis.
 
“Since we launched TDR, it’s been the only solution out there that combines the power of complete Unified Threat Management (UTM) network security services with endpoint detection and response capabilities,” said Andrew Young, SVP of product management at WatchGuard. “We’ve taken that a step further with our latest updates to TDR, extending APT Blocker’s advanced sandboxing capabilities from the network to the endpoint. Now, users can automatically place a potentially dangerous endpoint file under the microscope to observe its behavioral characteristics and objectives, and respond accordingly.”
 
TDR combines several key elements to enable users to better detect and remediate evasive threats both inside their networks and on their endpoints:
 

  • ThreatSync – WatchGuard’s cloud-based correlation engine, which collects event data in real-time from Firebox appliances, host sensors and enterprise-grade cloud intelligence feeds. ThreatSync analyses this data to generate a threat score that guides either single-click or policy-based automated threat responses.
  • UTM Network Security – WatchGuard Firebox M Series, T Series, FireboxV and Firebox Cloud appliances, as well as existing industry-leading security services that contribute security data from inside the network to ThreatSync for correlation.
  • Host Sensors – a lightweight software agent loaded onto endpoint devices that extends visibility beyond the network perimeter to individual devices. These sensors send data from potentially malicious endpoint security events to ThreatSync and APT Blocker to be analysed, scored and addressed.
  • APT Blocker – leverages a next-generation sandbox to emulate target environments and safely execute potentially malicious files from both the network and endpoint in order to analyse their behaviour. Based on the APT Blocker response, the ThreatSync score is updated, enabling automatic remediation to eliminate the threat.
  • Host Ransomware Prevention (HRP) Module – a lightweight software agent within endpoint Host Sensors that leverages behavioural analysis to identify ransomware-specific characteristics and automatically shut down ransomware assaults pre-encryption. New advanced threat behaviours and characteristics are constantly added in order to ensure that HRP can block emerging attacks.

 
Whenever ThreatSync receives Host Sensor data that classifies an endpoint file as potentially malicious, it analyzes a hash of the malware sample, crossreferencing it with an extensive library of existing threats. If no match is found, TDR uploads the suspicious file where APT Blocker automatically performs deep analysis by detonating it in a controlled cloud sandbox that emulates a physical endpoint in order to analyse its intended behavior and unique characteristics. Once APT Blocker’s analysis is complete, it relays the results to ThreatSync, which then updates the threat score and enables automated remediation.
 
A completely cloud-based solution, TDR’s centrally managed, intuitive interface enables partners to service countless subscriptions without spending as much time at customer sites for new deployments or troubleshooting exercises. With TDR, included in WatchGuard’s Total Security Suite, MSSPs can further differentiate themselves from the competition, win more business, and build an additional recurring revenue stream by monetising continuous, more advanced detection and response services; all with one SKU and one license.
 
Threat Detection and Response Service is now available as part of the WatchGuard Total Security Suite. Host sensor licenses vary based on the Firebox model, and additional sensor packages are available as an add-on offer. For more information, visit www.watchguard.com/TDR.

Tags: CybersecurityTechnology
ShareTweet
Previous Post

Hackers “Strut” in Again… And Equifax (and 143 million customers) is probably just the first to fall victim

Next Post

Utilising Threat Hunting techniques to detect and defend against malware attacks

Recent News

Proton Launches Business Continuity Service to Keep Firms Communicating Through Outages

Proton Launches Business Continuity Service to Keep Firms Communicating Through Outages

July 15, 2026
Forescout Uncovers AI Assisted Phishing Campaign Using Fake eCards

Forescout Uncovers AI Assisted Phishing Campaign Using Fake eCards

July 14, 2026
Lidl Confirms Data Breach After Third-Party IT Provider Hack

Lidl Confirms Data Breach After Third-Party IT Provider Hack

July 14, 2026
Black Duck Adds AI-Powered Triage and CRA-Ready Checks to Coverity Static Analysis

Black Duck Adds AI-Powered Triage and CRA-Ready Checks to Coverity Static Analysis

July 14, 2026

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2026 IT Security Guru - Website Managed by Dessol

  • About Us
Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
View preferences
  • {title}
  • {title}
  • {title}
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2026 IT Security Guru - Website Managed by Dessol