Fileless malware and zero-day exploits are some of the most devastating threats facing small and midsize enterprise organizations today. WatchGuard IntelligentAV service provides an additional signature-less antivirus engine to defend users against such threats and further augment the award-winning WatchGuard cybersecurity portfolio.
IntelligentAV brings more than just supervised machine learning pre-processing or data mining to WatchGuard’s expanding security stack; this is the first addition of machine learning directly to a network security platform. As opposed to other solutions that see a co-mingling of signature-based antivirus solutions, the WatchGuard Unified Threat Management (UTM) platform uses two forms of anti-malware scanning at the network layer: (1) signature-based behavioral detection (Gateway AntiVirus) and (2) machine-learning-based detection with IntelligentAV. This composition of dual antivirus engines on a network gateway appliance is a transformational push to attack the rise of increasingly evasive malware that tends to bypass signature-based detection.
The IntelligentAV platform was designed over a multi-year period, analyzing 1 billion+ file samples (including Microsoft Office documents, portable executables, PDFs, and Mach-O files) and using 20+ PB of storage and thousands of CPU cores to develop a pure machine-learning AV engine that encompasses the following algorithms and neural network approaches:
- Logistic Regression
- Decision Tree Analysis
- LSTM Neural Network
- Convolutional Neural Network
- DBSCAN Clustering
These algorithms have not only demonstrated academic success in the research field of computer-aided artificial intelligence, but have also been proven in industries that focus on identifying consumer behavior and image classification in gaming, as well as in computationally intensive tasks that were exclusively the domain of room-filling supercomputers and/or humans.
Given the climate of increasingly sophisticated cyber penetration tools and file obfuscation tools used by malicious online actors, WatchGuard is proud to deliver IntelligentAV as another crucial component of the UTM and continue to lead the industry in protection for enterprises large and small.
How can I get started?
Qualifying Firebox M-series appliances with active Total Security Subscriptions can obtain this update without additional charge by downloading the applicable packages from the WatchGuard Software Download Center for Fireware 12.2.