Over at the Watchguard YouTube channel they have released a new video previewing the next release of Fireware (11.9) and a new service named APT Blocker.
The APT Blocker service will be available for all WatchGuard Unified Threat Management (UTM) and Next-Gen Firewall platforms and detects advanced persistent threats and zero day evasive malware.
The APT Blocker service approaches the detection of malware from behavioral analysis using emulation, rather than known malware signatures:
WatchGuard APT Blocker focuses on behavior analysis to determine if a file is malicious. APT Blocker identifies and submits suspicious files to a cloud-based, next-generation sandbox, where code is analyzed, emulated, and virtually executed to determine its threat potential.WatchGuard APT Blocker’s advanced malware analysis also uses machine-level emulation to detect advanced forms of evasion such as disabling security protocols, changing security settings or stealing passwords. APT Blocker’s full-system emulation approach to sandboxing provides simple, rapid protection that scales to inspect millions of objects at any given time.