Unified security platform provider WatchGuard Technologies bought ActZero to bolster the managed detection and response (MDR) service it provides to MSPs, and which has been in high demand since the Seattle-based company launched it 16 months ago.
ActZero brings with it MDR capabilities that include automated and fast threat response and AI-powered threat analysis and will become the foundation of WatchGuard’s MDR product line, bringing an open architecture and greater that extends beyond WatchGuard and its Firebox appliances and services to third-party services like Microsoft Defender.
No financial details of the deal were released.
Bringing ActZero into the fold will deliver new MDR services and support to WatchGuard’s own offerings and allow it to scale to meet the demand that’s continued to grow since the company launched it in October 2023, according to WatchGuard CEO Prakash Panjwani. With ActZero comes the ability to add capacity and new technology to stretch its MDR service throughout the WatchGuard portfolio and third-party products.
“With additional scale, we can handle a larger partner base efficiently, building confidence with our partners so they can easily add more services as we expand our MDR capabilities,” Panjwani said in a statement. “ActZero has built its service with this kind of scaled customer experience in mind.”
The high demand for WatchGuard’s MDR was driven by enabling MSPs to add the technology to their portfolios without having to invest in traditional SOC infrastructure, advanced technologies, or security experts, according to the company, which sells to more than 17,000 MSPs.
A Win for MSPs
According to Andrew Young, chief product officer and senior vice president of product management at WatchGuard, adding ActZero to WatchGuard will be a boon for MSPs.
“Experienced MSPs want to offer advanced MDR services to best protect clients, but may struggle to scale up a SOC and drive efficiency through automation,” Young told MSSP Alert. “ActZero’s patent-pending Sixth Sense AI outpaces threats at machine speed by analyzing disparate signals and spotting patterns across platforms, ensuring that SOC analysts respond quickly to emerging threats.”
MDR is a key cog in WatchGuard’s Unified Security Platform, offering endpoint monitoring and Microsoft 365 activities, threat hunting, detection, investigation, and containment, with guided recommendations for remediation. The technology is becoming increasingly important, with the threat landscape expanding, a widening talent gap and an increasingly distributed IT environment. These factors all conspire to make finding and responding to threats as important as keeping them out.
Analysts with Fortune Business Insight are predicting the global MDR market will grow from $1.89 billion last year to $8.59 billion by 2032. MSPs will benefit from that growth.
Demand for WatchGuard MDR Grows
“When utilizing a third party to manage your MDR services, you gain access to knowledgeable cybersecurity experts dedicated to ensuring your organization’s safety,” Young said. “Additionally, as your organization scales, third-party cybersecurity organizations are already equipped with the tools they need to help your organization stay secure.”
He added that WatchGuard’s focus right now is on companies with smaller IT teams looking for enterprise-grade technologies but cost efficiencies and simplicity in their cybersecurity solutions. However, that will likely change.
“We believe that due to the cost, complexity, and velocity of the overall cyber-landscape, coupled with a lack of skilled InfoSecurity professionals, we’ll see the trend of larger enterprises utilizing MDR providers to oversee their security operations,” Young said.
Sixth Sense AI Gives MDR a Boost
Integrating the Sixth Sense AI technology into WatchGuard’s portfolio is important, adding that “given the relentless volume of cyberattacks, the integration of AI to automate the detection and response to those attacks provides great value to MSPs who value efficiency.”
However, he warned that AI capabilities in cybersecurity tools can backfire if they create a lot of alerts and false positives. Any efficiency gains can be lost if that happens. In ActZero’s case, the AI-enhanced detection reduces false positives and generates fewer than six alerts a month, and its around-the-clock SOC responds to threats in fewer than six minutes, on average.
“Further integrating AI into WatchGuard’s MDR offerings also allows for even faster threat detection, improved SOC efficiency, and increased security efficacy,” Young said. “This enables the platform to continue to outpace threats at machine speed by analyzing disparate signals and spotting patterns across platforms, ensuring that SOC analysts respond quickly to emerging threats.”
