15 Hot Products MSPs Need To Know In Security, Cloud, AI

WatchGuard Technologies

WatchGuard is providing MSP partners with a number of differentiators through its endpoint protection combined with endpoint detection and response (EPDR) platform, said Marc Laliberte, director of security operations at WatchGuard, in an interview with CRN.

For instance, the platform offers a “zero trust application service” that company said is superior to the common approach in endpoint security of identifying “suspicious” files—which are then left up to the security practitioner to determine whether the files are malicious or benign, Laliberte said. With the service, “we’re able to 100 percent accurately identify whether something is legitimate or malicious by running it through this attestation process,” he said.

Meanwhile, according to Laliberte, WatchGuard’s EPDR platform also stands out with its approach to detecting and blocking malicious activity in PowerShell, an IT tool in Windows. Since PowerShell is also an important tool for legitimate purposes, WatchGuard EPDR can allow its continued use while also monitoring for indicators that malicious activity may be occurring using behavioral detection, he said.

“If it’s just your tech going in and reconfiguring this file on the system, you’re good to go,” Laliberte said. “But if suddenly [PowerShell] disables the anti-malware scan interface—and maybe it’s running obfuscated code it downloaded from some server—we can kill that process before it’s able to do damage.”