WatchGuard is rolling out a new AI-powered service to MSPs and MSSPs that company executives say will detect and respond to frequent and sophisticated cyberattacks as the IT environment becomes more distributed.
“The ongoing adoption of cloud-first models puts more organizations at a higher risk of confronting increasingly sophisticated, multi-vector threats that traditional detection methods are too slow and reactive to catch,” Hal Libby, general manager of managed services at WatchGuard, told MSSP Alert. “This leads to a higher risk of breaches, escalating recovery costs, and increased pressure on their already limited IT teams, jeopardizing their business and reputation.”
The Seattle-based company, which offers a unified security platform for MSPs, unveiled Total MDR, a managed detection and response service that unifies all of WatchGuard’s services onto a single platform and provides enterprise-grade security across its endpoint, network, identity, and cloud security.
The company says the new offering can reduce detection and response time from the industry average of 30 minutes to an average of six minutes, an 80% reduction. That also comes with fewer than one false positive per month, compared with the typical average of more than 250.
“Total MDR uses AI to detect and respond to threats at machine speed, surpassing the capabilities of slower traditional methods,” Libby said, adding that it continuously analyzes thousands of signals for real-time anomaly detection. “By assigning a simple anomaly score to groupings of events across disparate data sources, our AI engine enables autonomous response actions. … It also reviews past incidents to prevent future attacks.”
It comes six months after WatchGuard bought ActZero to enhance the MDR capabilities it offers MSPs, including automated threat response and AI-powered threat analysis.
MDR Importance Grows in Distributed World
The MDR market is growing quickly, with Fortune Business Insights analysts expecting it to grow an average of 20% a year, from $2.31 billion this year to $8.34 billion by 2032. The growth is driven by an ongoing shortage of cybersecurity talent, enterprise adoption of the cloud, and the proliferation of the Internet of Things, along with increasing cyber threats.
It’s a crowded market that includes high-profile players like CrowdStrike, SentinelOne, Palo Alto Networks, and Trend Micro, giving credence to its importance in the modern IT world.
“The cybersecurity threat landscape is continuously evolving, and security is no longer restricted to protecting endpoints and implementing a firewall around an organization,” cybersecurity firm Cynet – another MDR vendor – wrote in a column. “Organizations today must actively monitor and hunt for threats. Technologies like SIEM and XDR [extended detection and response] can correlate data from different sources and help detect threats, but you need appropriate expertise to make the most of them.”
The problem there is that organizations continue to be challenged to find enough skilled personnel, with many turning to service providers.
A Single Platform
Total MDR gives MSPs and MSSPs a single platform for MDR, making it more efficient and effective, Libby said.
“It’s flexible, with customizable runbooks and tailored support,” he said. “Fast onboarding and a multi-tenant platform allow partners to maintain control of their environment. … Expert support, clear reporting, and efficient security reduce workload while strengthening protection.”
This is important for MSPs and MSSPs that often have to juggle myriad portals and vendors, which can make it difficult to see the entire picture of a threat, Libby said.
“Responding to threats across systems is time-consuming and error-prone,” he said. “AI and [machine learning] continuously analyzes signals to catch anomalies in real time and learns from past incidents to stop future attacks.”
Options for MSPs, MSSPs
The service providers can handle the responses themselves or rely on WatchGuard’s security operations center (SOC) team and technical account managers for expert guidance, escalation support, and data-driven insights.
All of this simplifies operations, improves efficiency, and helps partners deliver security across hybrid cloud environments, he said.
WatchGuard’s Total MDR combines endpoint protection, detection, and response (EDR), advanced EDR, Firebox firewalls, AuthPoint multifactor authentication, and network detection and response—all managed through a single portal.