WatchGuard Advanced EPDR
The advanced version of WatchGuard Protection, Detection and Response

EPDR

WatchGuard Products

WatchGuard Advanced EPDR - 1 Year

WatchGuard Advanced EPDR - 1 Year - 1 to 50 Licenses

#WGAEPDR30101
Our Price: $86.50

WatchGuard Advanced EPDR - 1 Year - 51 to 100 Licenses
Minimum 51 quantity

#WGAEPDR30201
Our Price: $76.00

WatchGuard Advanced EPDR - 1 Year - 101 to 250 Licenses
Minimum 101 quantity

#WGAEPDR30301
Our Price: $67.50

Click here to jump to more pricing!

Overview:

SHIFT FROM SECURITY MANAGEMENT TO SECURITY OPERATIONS

The advanced version of WatchGuard EPDR provides all the capabilities you’ll find in our standard EPDR, but with additional features to proactively search for compromised endpoints or harden them against the most common malwareless attack techniques. Combined with the cross-product correlation our Unified Security Platform architecture provides, Advanced EPDR heightens security efficacy against sophisticated attacks.

CYBERSECURITY CHALLENGES

Endpoints are the primary target for most cyberattacks. As the technology infrastructure becomes more complex, organizations struggle to find the expertise necessary to monitor and manage endpoint security risks. So, what types of challenges are security teams facing when adopting endpoint security solutions?

Ever-evolving sophisticated threats: Efficient, proactive security practices can mean distinguishing between a minor security operation or being a victim. These practices range from reducing the attack surface to uncovering emerging threats before an actual compromise.
Alert fatigue, lack of efficiency: Security teams receive thousands of weekly alerts, of which only 19% are considered trustworthy, and only 4% are investigated. Two-thirds of security teams’ time is dedicated to managing alerts and classifying suspicious files manually.
Poor performance: Frequently, endpoint security solutions require installation and management of multiple agents on each monitored computer, server, and laptop, causing serious errors, poor performance and high resource consumption.

As defenders, security teams need autonomous prevention, detection, and response solutions and arms to easily hunt and respond to threats lurking in the environments, taking the security stack to the next level to minimize adversaries’ dwell time.

LEVEL UP YOUR CYBERSECURITY SERVICES

WatchGuard Advanced EPDR is a cutting-edge cybersecurity solution delivered from the Cloud for computers, laptops, and servers. It automates the prevention, detection, containment, and response to any advanced threat, inside and outside the corporate network.

It combines preventive and EDR technologies with two security services:

Zero-Trust Application Service: Cloud-based machine learning automatically classifies all files
Threat Hunting Service: behavioral analytics to uncover threat actors utilizing living-off-the-land (LotL) techniques.

WatchGuard Advanced EPDR extends WatchGuard EPDR by adding to your technology stack hunting tools, such as IOCs search engine, advanced IOAs detections mapped to MITRE ATT&CK, and remote access to endpoints for rapid investigation and response.

WatchGuard Advanced EPDR integrates traditional endpoint technologies with EDR technologies in a single solution, allowing security teams to deal with advanced cyber threats.

Attack Surface Reduction tools

Centralized endpoint Security Risk detection and scoring
Unmanaged endpoint proactive detection
OS and hundreds of Applications vulnerability assessment

Traditional Preventive Technologies

Personal or managed firewall (IDS)
Device control
Application Control: Deny list / Allow list
Permanent multi-vector anti-malware & on-demand scan
Pre-execution heuristics
URL filtering – web browsing
Anti-phishing and Anti-tampering
Attacks detected through network traffic analysis
Automatic remediation and ability to rollback
Recover encrypted files with shadow copies

Hunting and Detection Technologies

Continuous endpoint monitoring with EDR
Zero-Trust Application and Threat Hunting Services
Sandboxing in real environments
Anti-exploit protection
Indicators of attack (IOAs) mapped to MITRE ATT&CK
Automated detection and containment of RDP attacks
STIX indicators of attack (IOCs) and YARA rules searches
Deny the execution of common attack techniques with enhanced security policies

Containment and Remediation Tools

Computer isolation and reboot of systems
Remote shell from the Cloud to endpoints

ZERO TRUST MODEL: A LAYERED PROTECTION

WatchGuard’s Endpoint Security platform doesn’t rely on just one single technology. We implement several together to reduce the opportunity for a threat actor to succeed. Working in concert, these technologies utilize resources at the endpoint to minimize the risk of a breach.

ENDPOINT LAYERS:

Layer 1/ / Enhanced Security Policies Detect or block the execution of common attack techniques

Layer 2 / Signature Files, Heuristic Technologies and STIX IOCs Search Engine enables security teams to hunt for recently disclosed attacks by hash, filename, path, C2 domain, IP, and YARA Rules

Layer 3 / Contextual Detections of malwareless attacks using OS tools such as PowerShell, WMI, web browsers, and other commonly targeted applications such as Java, Adobe, and more.

Layer 4 / Anti-Exploit Technology It enables us to detect fileless attacks designed to exploit vulnerabilities

CLOUD-NATIVE LAYERS

Layer 5 / Zero-Trust Application Service Classifies 100% of processes before they run, denying any execution until it is certified as trusted

Layer 6 / Threat Hunting Service It enables us to detect compromised endpoints, early stage attacks, suspicious activities, and detection of IoAs . Nondeterministic IOAs are contextualized in the Cloud-based console with the associated events, enabling security analysts to investigate potential attack attempts.

IMPLEMENT POWERFUL, SIMPLIFIED SECURITY WITH WATCHGUARD’S UNIFIED SECURITY PLATFORM

WatchGuard Unified Security Platform architecture is a single platform for elevating modern security delivery.

Our platform approach helps you deliver powerful security services for every threat vector with increased scale and velocity while supporting operational efficiencies and greater profitability.

Features:

Close Security Gaps, Stay Ahead of Threats

Today's threat techniques are highly sophisticated and continuously evolving. Simple yet efficient hygiene practices can mean the difference between a minor security operation and becoming a victim. These practices range from reducing the attack surface of the endpoints to uncovering emerging campaigns lurking on the network before an actual compromise.

Boost Your Threat Hunting and Investigation Skills

In addition to the extra layer of protection of Zero-Trust Application Service, which automatically classifies and blocks all malicious applications, WatchGuard Advanced EPDR continuously monitors endpoint activity empowering security teams to stay ahead of potential breaches, enabling them to focus on detecting, investigating, and responding to even the weakest signals of suspicious behaviors, all mapped to MITRE ATT&CK Framework.

Centralize IoC-Based Hunting

WatchGuard Advanced EPDR offers a simple way to centrally manage and search for IoCs on the endpoints while consolidating the results in an intuitive dashboard. It enables your team to quickly hunt for recently disclosed incidents or exchange of security intelligence in your industry as well as find impacted endpoints in a forensic analysis. Different types of indicators are supported – hashes, filename, path, domain, IP, and Yara rules.

Remotely Investigate and Remediate an Incident

Real-Time Remote Shell is a powerful tool that allows you to access endpoints from the Cloud console, without requiring physical access to the endpoints for investigation, containment, and remediation actions, including command line operations, manage processes, manage services, manage and transfer files, scripts, etc.

Monitor or Block Living-off-the-Land Attacks

The enhanced security policies enable you to supervise or harden endpoints from the execution of suspicious scripts and common attack techniques utilized by sophisticated threats such as:

PowerShell with obfuscated parameters
Unknown scripts
Locally compiled programs
Documents with macros
Registry modifications that run when Windows starts

Benefits:

Cost-Effective Operations - No More Wasted Time on Suspicious Files

Like WatchGuard EPDR, the Zero-Trust Application Service gives your team back all that time dedicated to reverse engineering suspicious files that other solutions alert on without closing the loop and delegating the last verdict to you.

Comprehensive Endpoint Security to Tailor to Your Services

WatchGuard Advanced EPDR provides a comprehensive range of capabilities to strengthen endpoint security programs, including attack surface reduction, threat prevention, detection, and response, proactive hunting tools and remote endpoint connection for prompt response.

Enhanced Hunting and Response at Your Fingertips

Thanks to centralized IOC searches, WatchGuard Advanced EPDR enables security teams to discover threats without dealing with complex queries. Its Threat Hunting Service delivers IOAs contextualized with telemetry for further investigation.

Scalable Managed Security Services to Grow at Your Pace

WatchGuard’s Unified Security Platform Architecture
Brings comprehensive security from network to endpoint, Wi-Fi, and identity, with unparallel platform features, at no additional cost. The more services you adopt, the greater your operational and business benefits.

Compare:

WatchGuard Advanced EPDR enables you to adopt a more proactive security stance, stay ahead of potential cyber threats and strengthen your security program by adopting a more proactive posture with advanced capabilities on top of WatchGuard EPDR.

	Watchguard EDR	Watchguard EPDR	Watchguard Advanced EPDR
Proactive endpoint security within WatchGuard’s Unified Security Platform architecture
Lightweight Cloud-based agent
Zero-Trust Application Service: pre-execution, execution and post-execution
In-memory behavior anti-exploits
Endpoints Risk Monitoring
Threat Hunting Service: Behavior analytics ― high fidelity IOAs detection mapped to MITRE ATT&CK
Persistent malware detections. Collective Intelligence lookups in real time
IDS, firewall and device control
Web browsing protection and Category-based URL filtering
STIX and YARA rules IOCs search at the endpoints
Threat Hunting Service: Behavior analytics – Non-deterministic IOAs detection mapped to MITRE ATT&CK
Contextual telemetry that allows non-deterministic IoA investigation
Advanced security policies to reduce the attack surface
Remote Shell from the Cloud: Click, connect, and manage endpoint processes, services, misconfigurations, files, and more

Documentation:

Download the WatchGuard Advanced EPDR (.PDF)

Pricing Notes:

Pricing and product availability subject to change without notice.

WatchGuard Products

WatchGuard Advanced EPDR - 1 Year

WatchGuard Advanced EPDR - 1 Year - 1 to 50 Licenses

#WGAEPDR30101
Our Price: $86.50

WatchGuard Advanced EPDR - 1 Year - 51 to 100 Licenses
Minimum 51 quantity

#WGAEPDR30201
Our Price: $76.00

WatchGuard Advanced EPDR - 1 Year - 101 to 250 Licenses
Minimum 101 quantity

#WGAEPDR30301
Our Price: $67.50

WatchGuard Advanced EPDR - 1 Year - 251 to 500 Licenses
Minimum 251 quantity

#WGAEPDR30401
Our Price: $60.50

WatchGuard Advanced EPDR - 1 Year - 501 to 1000 Licenses
Minimum 501 quantity

#WGAEPDR30501
Our Price: $52.00

WatchGuard Advanced EPDR - 1 Year - 1001 to 5000 Licenses
Minimum 1001 quantity

#WGAEPDR30601
Our Price: $45.00

WatchGuard Advanced EPDR - 1 Year - 5001+ Licenses
Minimum 5001 quantity

#WGAEPDR30701
Our Price: $39.00

WatchGuard Advanced EPDR - 3 Year

WatchGuard Advanced EPDR - 3 Year - 1 to 50 Licenses

#WGAEPDR30103
Our Price: $207.50

WatchGuard Advanced EPDR - 3 Year - 51 to 100 Licenses
Minimum 51 quantity

#WGAEPDR30203
Our Price: $182.50

WatchGuard Advanced EPDR - 3 Year - 101 to 250 Licenses
Minimum 101 quantity

#WGAEPDR30303
Our Price: $162.00

WatchGuard Advanced EPDR - 3 Year - 251 to 500 Licenses
Minimum 251 quantity

#WGAEPDR30403
Our Price: $145.50

WatchGuard Advanced EPDR - 3 Year - 501 to 1000 Licenses
Minimum 501 quantity

#WGAEPDR30503
Our Price: $124.50

WatchGuard Advanced EPDR - 3 Year - 1001 to 5000 Licenses
Minimum 1001 quantity

#WGAEPDR30603
Our Price: $108.00

WatchGuard Advanced EPDR - 3 Year - 5001+ Licenses
Minimum 5001 quantity

#WGAEPDR30703
Our Price: $93.50

WatchGuard Advanced EPDR The advanced version of WatchGuard Protection, Detection and Response