watchTowr Advances Preemptive Exposure Management with Active Defense for Automated Mitigation

SINGAPORE & LONDON & NEW YORK--(BUSINESS WIRE)--watchTowr, the leader in Preemptive Exposure Management, today announced major capability enhancements, including the launch of Active Defense, a new capability that closes the gap between discovery and protection. Active Defense delivers automated, intelligence-driven protection the moment a validated exposure is identified, providing defenders with near-instant coverage when traditional patches or vendor guidance are unavailable. These updates advance watchTowr’s mission to stay ahead of the threat curve—being first to rapidly react to emerging threats and vulnerabilities, first to reproduce them with precision, and now first to enable customers to protect themselves from emerging threats.

As attackers exploit emerging vulnerabilities within hours—or even minutes—security teams are under increasing pressure to respond. Active Defense closes those gaps, delivering immediate, automated protection, giving teams a real head start.

Fueled by watchTowr Labs—the company’s in-house APT team known for uncovering zero-days, novel attacker techniques, and internet-wide exposures—the watchTowr Platform continues to amplify that research, not just by rapidly identifying exposed systems, but also by providing concrete capabilities to mitigate exposure before attackers strike.

watchTowr has long enabled clients to get ahead of emerging threats and in-the-wild exploitation via its Labs research, targeted hunts, and, more recently, its AI-driven Rapid Reaction capability. Active Defense now takes this further by leveraging this industry-leading threat insight to produce defensive capabilities that are ready to deploy when time is critical. This includes a capability to validate, within minutes of mitigation being applied, that protection has been successfully introduced.

For teams battling an increasingly aggressive threat landscape, this enables modern, dynamic, and continuous protection, dramatically accelerating response times and providing immediate exposure reduction for zero-day and unpatched vulnerabilities.

“Our Rapid Reaction capabilities let us pinpoint client exposure to emerging threats faster than anyone else,” said Benjamin Harris, founder and CEO, watchTowr. “Active Defense takes this a step further, delivering immediate, automated protection that stops threats before they impact our customers. We believe we’re the first in the Preemptive Exposure Management space to deliver this level of end-to-end protection, and not just focusing on identification of exposures.”

watchTowr’s Proactive Threat Intelligence capability delivers proprietary, first-party insight into real-time attacker behavior and has also recently introduced several enhancements to strengthen its capabilities, including:

• Adversary Intelligence: Threat-actor insights paired with an organization’s unique attack surface, enabling teams to contextualize awareness of attacker behaviour into adversary-aware intelligence that strengthens prioritization and decision-making.
• Compromised Endpoints: Extends watchTowr’s automated credential stuffing capabilities to give organizations the ability to investigate the source of compromised credentials, enabling targeted remediation and shifting security teams from reactive password resets to proactive prevention of identity-based threats.
• Attacker Eye powered by STAB: Provides watchTowr with unique full-stack visibility into real-world attacker behaviour. Where honeypots have traditionally been shallow and lacked depth, Attacker Eye, our global honeypot sensor network, powered by STAB, gives defenders unprecedented visibility into attacker behavior, post-exploitation actions, and enables early detection and response intelligence before threats become entrenched.
• watchTowr Instinct: An AI-driven vulnerability intelligence engine trained to forecast vulnerabilities that are most likely to face in-the-wild exploitation, keeping defenses aligned with real-world attacker tactics.

With these updates, watchTowr is closing the gap between discovery and protection, enabling organizations to minimize exposure windows, maximize resilience, and mitigate threats at the speed of attackers. The new and enhanced capabilities are available to all watchTowr customers immediately.

When exploitation happens in hours, watchTowr delivers what no one else can: time to respond. Learn more at https://watchtowr.com/.

About watchTowr
watchTowr is the Preemptive Exposure Management capability trusted by Fortune 500 companies and critical infrastructure providers. By combining proactive threat intelligence, real attacker telemetry, and automated red teaming, watchTowr continuously identifies and validates real exposure – so security teams can outrun real-world threats. When exploitation happens in hours, watchTowr delivers what no one else can: time to respond. Follow the company on LinkedIn and X.

To learn more about watchTowr, visit https://watchtowr.com/.