Get webhook notifications whenever WatchGuard Technologies creates an incident, updates an incident, resolves an incident or changes a component status.
Our teams have successfully restored Firebox, Endpoint security, and Wi-Fi data into ThreatSync Core. We estimate Authpoint data will be fully restored by Friday, November 28th. For Managed Services customers, our normal MDR processes and SOC reviews occur as data is restored into ThreatSync Core. All systems remain fully operational, and all underlying security products continue to enforce protections as designed. Thank you for your continued patience and understanding.
Posted Nov 24, 2025 - 15:51 UTC
Update
Our team has successfully restored Firebox data into ThreatSync Core and is continuing the recovery process for Endpoint Security data. We estimate Endpoint Security data will be fully restored by Saturday, November 22nd, at approximately 15:00 UTC. All systems remain fully operational, and all underlying security products (Firebox, Endpoint Security, AuthPoint, ThreatSync+ NDR, and Access Point) continue to enforce protections as designed. Core MDR telemetry collection also remains unaffected.
For Managed Services, detections for Endpoint Security were not impacted. As missing data is restored, our normal MDR process and SOC reviews will occur, except for ThreatSync+ NDR-related events. We will provide further updates as restoration progresses. Thank you for your continued patience and understanding.
Posted Nov 21, 2025 - 15:16 UTC
Identified
On November 17th we identified and resolved a bug in our ThreatSync Core data pipeline that caused a temporary interruption in data processing. As a result, there is a gap in data for ThreatSync Core and Total MDR between Friday, November 14th, 2025, at 19:00 UTC and Sunday, November 16th, 2025, at 12:00 UTC. All systems are processing current data normally and all underlying security products (Firebox, Endpoint Security, AuthPoint, ThreatSync+ NDR, and Access Point) continued to enforce protections as designed. Core MDR telemetry collection also continued. Our team will begin restoring missing data on November 20th, except for NDR events; we will provide updates as this restoration progresses. For Managed Services, only data for Firebox, ThreatSync+ NDR, and AuthPoint were affected, detections for Endpoint Security were not affected, and as missing data is restored, our normal MDR process and SOC reviews will occur except for ThreatSync+ NDR related events. Thank you for your patience and understanding.