Events

The 2025 MITRE ATT&CK Evaluations (Enterprise Round 7) introduced a fundamental shift in how endpoint security effectiveness is measured. Beyond detection coverage, MITRE now exposes operational friction—alert noise, false positives, and business disruption caused by overly aggressive controls.

In this session, we analyze Scenario 1, “Hermes”, a real-world inspired cyber-espionage campaign modeled after Mustang Panda. This low-and-slow adversary leverages living-off-the-land techniques, legitimate administrative tools, and stealthy lateral movement to evade traditional defenses. For the first time, MITRE explicitly injected legitimate administrator activity to test whether security platforms could differentiate real attacks from normal IT operations.

WatchGuard’s results demonstrate that high-fidelity detection and early-stage prevention do not require sacrificing operational efficiency. Attendees will learn how WatchGuard achieved full attack visibility, zero legitimate activity disruption, and early blocking of malicious actions—proving that precision, not noise, is the future of endpoint security.

The WatchGuard Agent brings endpoint operations under one roof with a single, lightweight installer that unifies Endpoint Security, MDR, FireCloud, and NDR collectors, all managed from WatchGuard Cloud for streamlined control and automated updates.

In this sales engineer–led session, we’ll highlight:

• the current and future products that will be covered by this universal installer
• its ability to provide granular control over which machines have what software installed on them
• cover the options to distribute this software to client devices

The WatchGuard Zero Trust Bundle brings identity confidence, device integrity, and secure access together in a single, cloud-delivered architecture that can be deployed with minimal overhead. A single purchase delivers the complete zero trust solution, and a single agent deploys it seamlessly across your environment. Key components include: Total Identity Security,  EPDR (Endpoint Protection, Detection & Response) & FireCloud Total Access. 

WatchGuard's ThreatSync+ NDR is a cloud-based, network-centric Network Detection and Response solution that helps organizations identify, detect, and respond to network-based cyberattacks through advanced artificial intelligence and machine learning capabilities. ThreatSync+ NDR runs in the WatchGuard Cloud, seamlessly integrating with WatchGuard Firebox, third-party firewalls, switches and routers to deliver enterprise-level cyber defense across hybrid networks.

In this webinar, WatchGuard Sales Engineers will discuss best practices including:

• Defining network zones and subnets
• Policy recommendations
• Recommended Alerts and Notification rules
• How to review and respond to Smart Alerts

Join us to learn how NDR can detect anomalous behaviour within your network, prevent sophisticated attacks, and strengthen your organization’s security posture.

In this session, WatchGuard experts will uncover the hidden risks of SSL VPNs and explain how a zero trust approach can eliminate those weaknesses. Learn how to deliver faster, safer, and simpler access for every user, without the overhead and risk of remote user VPNs.

What You’ll Learn:

• Why VPNs have become one of the most exploited attack vectors
• The real cost of keeping remote user VPNs running
• How zero trust access simplifies security for hybrid environments
• How MSPs are modernizing defenses with zero trust access services

Join us for a live demo of WatchGuard FireCloud Internet Access, a cloud-native secure web gateway (SWG) and firewall as a service (FWaaS) solution that protects users wherever they work. See how FireCloud enforces consistent security policies, blocks threats in real time, and provides full visibility into user activity – all from a single, scalable platform built for modern remote access.

This demo will provide an overview of WatchGuard’s ThreatSync Network Detection and Response (NDR) solution.

Follow along as our Sales Engineer demonstrates:

• How to identify high-risk devices using threat scoring
• How smart alerts detect suspicious network behaviors
• How policy alerts identify violations of network access policies, such as unauthorized RDP connections
• How reports like the Ransomware Prevention Report can help you manage risk

Join WatchGuard CSO Corey Nachreiner and Director of Security Operations Marc Laliberte as they discuss key findings from the WatchGuard Threat Lab’s H2 2025 Internet Security Report, the first of our biannual release version of the report. 

During Inside the Threat Landscape: Biannual Cybersecurity Briefing, they’ll cover the latest malware and network attack trends targeting small and midsize enterprises, along with defensive tips you can take back to your organization to stay ahead of modern threat actor tactics.

In this webinar, you’ll learn:

• Top malware and network attack trends that targeted small and midsize businesses globally
• Detailed examples of how top threats looked to their victims
• Most-common infection vectors of malware on endpoints
• And much more…

This demo will show how WatchGuard EPDR checks every application before it runs, blocks anything it doesn't recognize, and uses smart AI to figure out what's safe and what's not. You will see how it gives the full picture of any threat, helps you close security holes, and finds and fixes software vulnerabilities.

This demo will provide a look at the new ActZero + WatchGuard MDR service! We'll show you how the partner portal makes it easy to see what's going on with your security, simplifies communication with the security team, and helps you stay in control of your customers’ environments.

Follow along with our Sales Engineer as they show how WatchGuard solutions can support your IT and security business needs.

Key highlights include:

• An overview of our portfolio, which includes network security, endpoint security, identity, and Wi-Fi security
• How to build customized dashboards and notification systems
• How you can save time with automated deployment and firmware upgrades

Today’s remote workers need fast, secure access to cloud apps and the open Internet, without adding complexity for IT. Join us for a live demo of WatchGuard FireCloud Internet Access, a cloud-native secure web gateway (SWG) and firewall as a service (FWaaS) solution that protects users wherever they work. See how FireCloud enforces consistent security policies, blocks threats in real time, and provides full visibility into user activity – all from a single, scalable platform built for modern remote access.

This demo will provide an overview of WatchGuard’s ThreatSync Network Detection and Response (NDR) solution.

Follow along as our Sales Engineer demonstrates:

• How to identify high-risk devices using threat scoring
• How smart alerts detect suspicious network behaviors
• How policy alerts identify violations of network access policies, such as unauthorized RDP connections
• How reports like the Ransomware Prevention Report can help you manage risk

This demo shows how WatchGuard EPDR checks every application before it runs, blocks anything it doesn't recognize, and uses smart AI to figure out what's safe and what's not. You will see how it gives the full picture of any threat, helps you close security holes, and finds and fixes software vulnerabilities. 

This demo will provide a look at the new ActZero + WatchGuard MDR service! We'll show you how the partner portal makes it easy to see what's going on with your security, simplifies communication with the security team, and helps you stay in control of your customers’ environments.