WatchGuard’s XDR Solution ThreatSync Is Here!

13 Mar 2023
02 March 2023 By Carlos Arnal


XDR or eXtended Detection and Response is a new term but not a new concept for us. In 2017, WatchGuard launched the first version of ThreatSync and our first Cloud-based XDR solution that correlated data from network and endpoint solutions. In 2020, with the acquisition of Endpoint Security solutions, we started integrating these solutions under one single platform.

Five years later, we are launching a new version of ThreatSync that equips you with XDR capabilities to centralize cross-product detections and orchestrate the automated response to threats from a single pane of glass. It simplifies cybersecurity while improving visibility and response to threats across the organization faster, reducing risk and cost and providing higher accuracy that would otherwise be impossible.

What is ThreatSync?

Now, ThreatSync is a comprehensive and simple-to-use XDR solution included as part of WatchGuard’s Unified Security Platform® architecture that unifies cross-product detections and speeds up the response to threats from a single pane of glass.

Why ThreatSync?

The cybersecurity industry has long been operating in siloes where security tools don't communicate with each other. ThreatSync is also our entry into the XDR market. The market trend of vendor consolidation and the need to defend organizations against constantly evolving threats have produced a demand for a product that functionally ties our portfolio together.

In addition, IT security teams are long overdue for a solution that provides a comprehensive security posture. Now with ThreatSync, we are equipping you with a centralized incident intelligence tool to consolidate security and provide extended detection and response capabilities to your customers.

What are the main benefits?

  • Simple to Use with Zero Configuration: WatchGuard delivers XDR features for a skills-deprived market with an intuitive interface and automation for partners and MSPs
  • Comprehensive Security: by unifying data and alerts into a single platform where solutions can work together to prioritize and respond to threats to protect environments, users, and devices
  • Reduce Security Team Burdens: by automating the threat detection and response process and freeing up time and resources for security teams
  • No Added Costs to Access XDR: XDR is an essential tenet of effective cybersecurity for every security team. WatchGuard puts XDR at your fingertips through ThreatSync, which reduces the expenses associated with configuring and integrating multiple point solutions in-house without additional fees

Key Features

  • Unified Threat Visibility: ThreatSync gathers and displays cross-detections from computers, servers, and firewalls in a single interface without admins needing to learn and use multiple consoles
  • Unified Threat Detection: ThreatSync correlates operations automatically and related activities from individual security layers working in concert to alert admins of any suspicious activity
  • Unified Automated Response: ThreatSync enables IT and security teams to work more efficiently since it provides the ability to schedule, automate, or run on-demand response actions to threats faster across the enterprise
  • Security Orchestration: combine security orchestration and automated response to provide an organization with a more comprehensive and cohesive security posture

What else is new with this release?

WatchGuard's Threat Detection and Response (TDR) Host Sensor, included as part of the Total Security Suite license, is replaced with WatchGuard EDR Core. As you may know, TDR correlated network and endpoint security events with threat intelligence to detect, prioritize and enable immediate action against threats. Now, with WatchGuard EDR Core, we are adding the primary endpoint detection and response (EDR) capabilities based on our endpoint security solution, WatchGuard EDR.

What is EDR Core?

WatchGuard EDR Core complements other next-gen antivirus solutions, protecting against APTs, fileless and malwareless attacks, and advanced ransomware that traditional solutions cannot detect. WatchGuard EDR Core is fully integrated into ThreatSync, providing complete visibility to any malicious activity that bypasses traditional security solutions. EDR Core installs on top of existing AV solutions to add EDR capabilities and ThreatSync (XDR) correlation, and remediation features.

Need more info?



WatchGuard continues to develop new products and features to meet your security needs. Please reach out to the WatchGuard team if you have any questions or want to deliver simplified security solutions.