Be In It To Win It: Why You Should Be Selling WatchGuard Endpoint .

Be in it to Win it: Why you should be sellingWatchGuard Endpoint Security SolutionsCopyright 2020. WatchGuard Technologies, Inc. All Rights Reserved

Agenda for today Our evolution as Endpoint Security vendorWhat makes us different?EDR? Why do organizations need it?Product offer and the Value PropositionFrom “trust everything” to Zero-Trust and Threat HuntingHow YOU winCopyright 2020. WatchGuard Technologies, Inc. All Rights Reserved

Our evolution as anEndpoint Security Vendor2007First in cloud-based scanningReleased the first 100% cloudbased malware analysis tool2012100% Cloud Security2020WatchGuard acquired Panda SecurityPartners and customers can now benefitfrom advanced endpoint threat detectionand response fueled by modern AIcapabilities, behavior profiling techniquesand cutting-edge security eventcorrelation, as well as additionaloperational benefits such as centralizedmanagement across network andendpoint security.First vendor to move the entireportfolio to the cloud2015EPP EDR releasedFirst vendor to release a fullyintegrated single agent EPP and EDR2016Market Guide for EDRPanda Security was included inthe Gartner Market Guide for EDR2017EPP EDR over MSSPanda Security released the Threat HuntingService completely embedded in EDR2019Customer Choice 2019Panda Security was namedCustomer Choice 2019 by GartnerPeer Insights for EDR solutionsCopyright 2020. WatchGuard Technologies, Inc. All Rights Reserved

What makes us different? We have developed a Zero-Trust Application Service to reducethe UNKNOWNOur mission is to reduce the number of security incidents toZEROWe provide our customers endpoint data that competitors arenot even collectingOur complementary SOC model enables larger organizations tointroduce Forensic ToolsWe transformed the traditional Threat Detection approach into aThreat Hunting ServiceCopyright 2020. WatchGuard Technologies, Inc. All Rights Reserved

Copyright 2020. WatchGuard Technologies, Inc. All Rights Reserved

What is Endpoint Detection andResponse (EDR)? Endpoint Detection and Response (EDR) platforms are acategory of endpoint security tools, built to provideendpoint visibility and used to detect and respond to cyberthreats and exploits. Gartner’s Senior Analyst Anton Chuvakin defined the termin 2013 as “tools that are primarily focused on detectingand investigating suspicious activities (and traces ofsuch) on hosts/endpoints”.Copyright 2020. WatchGuard Technologies, Inc. All Rights Reserved

Why do organizations need an EDR? They provide an accurate firsthand view of ahacking operation as it unfolds (and traces ofsuch)Critical forensics information, including processactions, file access, network events andconfiguration changes are collected frommanaged endpointsEDR solutions were built to provide completevisibility to endpoints and servers, monitor andspot abnormal behaviors that indicate maliciousactivity.Copyright 2020. WatchGuard Technologies, Inc. All Rights Reserved

What are the essential elements of an EDR?Enabling detectionCross-correlating dataacross multiplesources/environmentsCombining whitelistingwith behavioral analysisObserving endpointactivity withoutinterferingEmpowering incidentremediation andforensics investigationEnabling effectivecleanup and remediationCopyright 2020. WatchGuard Technologies, Inc. All Rights ReservedWorking with yourantivirus

Our propositionCopyright 2020. WatchGuard Technologies, Inc. All Rights Reserved

WatchGuard Endpoint Security SolutionsNext-Generation Antivirus (EPP)WatchGuard EPP EPP CapabilitiesAdvanced Endpoint Security (EDR)WatchGuard EDR EDR Capabilities Zero-Trust Application & Threat Hunting ServicesWorkstations, laptops,servers and virtualinstancesWindows (Intel &ARM), Linux, macOS(Intel & ARM) andAndroidInside/outsidenetwork, branchoffices and remoteworkersCopyright 2020. WatchGuard Technologies, Inc. All Rights ReservedAdvanced Endpoint Security (EPP EDR)WatchGuard EPDR EPP EDR Capabilities Zero-Trust Application & Threat Hunting ServicesWatchGuard CloudEndpoint Security Management Visibility License tracking

Single Lightweight AgentSIEMFeederData Control Integration with corporate SIEM platformsDetails and context of all endpoint activityCEF, LEEF, Syslog and Kafka supportInventory and PII file classificationReal-time PII monitoringDelete PII in filesFull Encryption Patch Management Microsoft and 3rd party applications patchingEnd-of-Life application managementPatch rollback and Windows Update service controlOn-demand or scheduled patching tasksAdvanced Reporting Tool WatchGuard EPDR Panda Adaptive Defense 360 Protection against sophisticated targeted attacksDetection of unknown exploitsVirtual patching for unsupported systemsMachine Learning and Deep LearningZero-Trust Application ServiceContainment and Remediation featuresThreat Hunting Service Preconfigured & customizable dashboards, reports and alertsDashboards, widgets, and predefined queries for security KPIsKPIs for vulnerable applications, access data and files, shadow filesRaw data from: endpoint operations, network connections, data access,processesEndpoint data retention: 12 monthsWatchGuard EPP Panda Endpoint Protection Plus Copyright 2020. WatchGuard Technologies, Inc. All Rights ReservedManaged Full Disk Encryption with BitLockerCentralized management of recovery keysCentralized encryption policiesEncryption dashboards, widgets and reportingAnti-malware and HIPS protectionManaged Endpoint FirewallDevice ControlHardware/software inventoryWeb browsing monitoring and filtering

WatchGuard TORAUTHENTICATIONENDPOINTPROTECTIONSimplify Every Aspect of Security DeliveryCopyright 2020. WatchGuard Technologies, Inc. All Rights Reserved

Value proposition WatchGuard empowers Partners to deliver exceptionalcustomer value through a combination of innovative serviceoriented products, enablement, and purchasingprograms that complement more comprehensive IT solutionsbuilt to meet customer needs:––––––––Complexity reduction,Secured everywhere,Analytics and visibility,Monitoring internal security to understand external threats,Protecting business-critical systems,Defend endpoints from advanced threats,Increase efficiency with deep-sight data analysis,Lighten security administration footprint.Copyright 2020. WatchGuard Technologies, Inc. All Rights Reserved

Matching your profile and the value propositionStraightforward solutions for partnerswho focus on volumeOur more complex solutions for partners with astrong focus on service deliverySolutions for partners who deliver managedsecurity services to their customersEndpoint ProtectionNext-Gen Endpoint ProtectionEndpoint Detection and ResponseManaged Detection and ResponsePanda Endpoint Protection PlusWatchGuard EPPWeb Access ControlAdaptive Defense / Adaptive Defense 360WatchGuard EDR / WatchGuard EPDRPatch ManagementEndpoint Detection and ResponseFull Disk EncryptionAdvanced Reporting ToolThreat HuntingPatch ManagementSystems ManagementSystems ManagementMobile Device ProtectionSIEMFeederData AnalyticsDevice ControlData Protection (GDPR-centric)CyberSOC ServicesCopyright 2020. WatchGuard Technologies, Inc. All Rights ReservedManaged EDR Services

“Trust everyone, run everything” Pre-ExecutionMalware signaturesURL ReputationHeuristicsDeny-list rulesetsVENDOR KNOWLEDGEAnomalous behavior detectedExecution Live or Sandbox execution Based on behavior (ML, AI,VENDOR TECHNOLOGYother technologies) Good vs. BadPost ExecutionPartiallyRecoveredrecoveredCopyright 2020. WatchGuard Technologies, Inc. All Rights ReservedLostMachine Learning, AI o otrastecnologías pueden no decidirlo suficientemente rápido y esposible que se requiera unareversion (rollback)VENDOR SERVICES

From “Trust Everyone” to “Trust No One”VENDOR KNOWLEDGE Malware signaturesURL ReputationHeuristicsDeny-list rulesetsPre-ExecutionVENDOR TECHNOLOGY Live or Sandbox execution Based on behavior (ML, AI, othertechnologies) Good vs. BadAnomalous ication ClassificationCopyright 2020. WatchGuard Technologies, Inc. All Rights ReservedMalwareZERO-TRUSTAPPLICATION SERVICEVENDOR SERVICESMachine Learning, AI or other technologiesmay not decide fast enough, and rollbackmay be requiredPartiallyRecoveredrecoveredLostPost ExecutionThreat HuntingExecution monitoring

Our unique protection model. ResultsMALWARE-BASED INFECTIONS ESCALATED TO OUR LABS PER MONTH 2014-2020Analysts move from reactively responding tocompromised customers to proactively notifyingthem about suspicious activity in their endpointsCopyright 2020. WatchGuard Technologies, Inc. All Rights Reserved“The Zero-Trust Application Service can drasticallyreduce the threat surface of endpoints.”Gartner Magic Quadrant for EPP, 2018.

Threat Hunting Service LotL (Living-off-the-Land) and fileless attacks are a growingconcern: they are more difficult to detect and make it easier forcybercriminals to attack stealthily Hacker detection Find attackers using Living-off-the-Land techniques Lateral movements Compromised credentials Identification of malicious employees User behavior modeling New or improved IoAs produced to block before damage Our Cybersecurity Team continuously monitors endpoint activity inreal time in the form of event telemetry (12 months). In case of a validated breach, the Cybersecurity Team notifies thecustomerCopyright 2020. WatchGuard Technologies, Inc. All Rights Reserved

WatchGuard Endpoint Protection ModelWatchGuard EPPSignatures (local, cloud)PREEXECUTIONCopyright 2020. WatchGuard Technologies, Inc. All Rights ReservedSignatures (local, cloud)Signatures (local, cloud)HeuristicsHeuristicsURL ReputationURL ReputationContext & Behavior AnalysisEXECUTIONPOSTEXECUTIONWatchGuard EDR WatchGuard EPDRZero Trust Security ModelZero Trust Security ModelZero-Trust Application ServiceZero-Trust Application ServiceMachine Learning and AIMachine Learning and AIAdvanced Threat ProtectionAdvanced Threat ProtectionZero Trust Security ModelZero Trust Security ModelContext & Behavior AnalysisContext & Behavior AnalysisAnti-exploits & Virtual PatchingAnti-exploits & Virtual PatchingThreat Hunting ServiceDisinfectionThreat Hunting ServiceContainment andRemediation featuresContainment andRemediation featuresThreat Hunting ServiceThreat Hunting Service

How you win Stop ransomware TODAY with a high security postureGet an “endpoint security team” with Service-as-a-FeatureIdentify and automate incident remediationMitigate time spent on vulnerability and threat research toprioritize patchesReduce the number of agents deployed (including EPP, EDR,SW/HW inventory, full disk encryption, patching)Deliver real-time insights into day-to-day application, userand network activityCopyright 2020. WatchGuard Technologies, Inc. All Rights Reserved

The differentiationUnified SecurityPlatformZero-TrustApp ServiceA single pane of glassfor security delivery &lightweight endpointagentPrevent, detect andrespond to known andunknown advancedthreats without addedcost or complexityCopyright 2020. WatchGuard Technologies, Inc. All Rights ReservedSimplicityFlexibility andExtensibilityEasy and straightforwardto configure, deploy, andcentrally manageA single agent for acomplete range ofproducts/modules thatallow scaling as partnersand customers grow

22Q&ACopyright 2020. WatchGuard Technologies, Inc. All Rights Reserved

23Thank youCopyright 2020. WatchGuard Technologies, Inc. All Rights Reserved

Microsoft and 3rd party applications patching End-of-Life application management Patch rollback and Windows Update service control On-demand or scheduled patching tasks Full Encryption Managed Full Disk Encryption with BitLocker Centralized management of recovery keys Centralized encryption policies