Which WatchGuard term refers to a service that classifies processes to minimize endpoint risk?

Zero-Trust Application Service is about applying a strict, evaluate-every-process approach at the endpoint. In practice, this means classifying each running process to determine its trust level before it can execute or continue to operate, then enforcing the appropriate action (allow, block, or restrict) based on that classification. This minimizes endpoint risk by preventing untrusted or suspicious processes from running or gaining privileges, even if they come from seemingly legitimate software. The idea is to treat every application and process as potentially untrusted until proven safe, which is the core of reducing attack surface through continuous assessment. Patch Management focuses on keeping software up to date with the latest fixes, not on classifying processes. Layered Protection refers to combining multiple security controls, which is a broad strategy rather than a specific service. Data Control deals with protecting data and preventing loss or leakage, not with evaluating or controlling processes at execution.