Host Containment
I am pleased to announce the availability of Threat Detection and Response 5.5. This release of TDR introduces a powerful new response capability, Host Containment, which enables operators to contain infected host machines. When a threat is identified, ThreatSync quickly moves to contain the host endpoint, preventing the spread of malware to other points in your network. The Host Containment feature also makes it possible to isolate machines when they are outside of your network, alleviating cases where an infected host returns “home” and unintentionally infects the network. If you are a customer or partner using TDR today, you already have access to TDR 5.5, and can begin using the feature immediately. To get started, visit the WatchGuard Help Center to learn how to configure host sensors, and establish containment policies.
Artificial Intelligence
TDR 5.5 also streamlines the advanced threat triage capability of ThreatSync, by introducing a new artificial intelligence engine to aid in the identification and classification of files. ThreatSync uses AI to automatically analyze combinations of features to determine if a file possesses suspicious characteristics, before sending the file for further analysis in APT Blocker. This prevents truly suspicious files from going undetected and allows you to identify real threats with more confidence.
Additional Included Features
- System tray notifications about relevant TDR events.
- The ability to pause protection when needed.
- Host Sensor auto-update control.
Want to get an early look at what’s next in TDR? Join the WatchGuard Beta program today!