Fortinet unveils Digital Risk Protection offering

FortiRecon combines machine learning, automation, and human intelligence to continually monitor an organisation’s external attack surface, determine its brand risk, and deliver custom intel to act earlier and faster on threats.

  • 2 years ago Posted in

Fortinet has introduced FortiRecon, a complete Digital Risk Protection Service (DRPS) offering that uses a powerful combination of machine learning, automation capabilities, and FortiGuard Labs cybersecurity experts to manage a company’s risk posture and advise meaningful action to protect their brand reputation, enterprise assets, and data. FortiRecon uniquely delivers a triple offering of outside-in coverage across External Attack Surface Management (EASM), Brand Protection (BP), and Adversary-Centric Intelligence (ACI) to counter attacks at the reconnaissance phase – the first stage of a cyberattack – to significantly reduce the risk, time, and cost of later stage threat mitigation.

 

Organisations are Overwhelmed in the Fight to Protect their Network, Data, and Reputation and Mitigate Risk Early

Before attacking an organisation, a cybercriminal’s primary objective is to gather as much intelligence about their target as possible. This phase of early reconnaissance arms the adversary with everything they need to determine if and how they would exploit an organisation. They will test a company’s defense and response tactics, look for unpatched systems, use social media to learn more about its employees and their normal behaviour, and go as far as researching business partners, recent acquisitions, and any other third-party affiliation that could lead to a successful compromise. As organisations digitally accelerate their businesses and deploy hybrid IT architectures that expand the attack surface, identifying and mitigating these threats has become increasingly more difficult. In response to the velocity of threats, cybersecurity best practices have evolved from point-in-time evaluations to continual monitoring, ongoing reviews, and continuous enhancements to an organisation’s security posture.

 

Taking a Page Out of the Adversary Playbook to Mitigate Risk

With the introduction of FortiRecon, Fortinet provides enterprise organisations with a powerful tool to understand how the adversary views an organisation from the outside to help inform cybersecurity teams, the C-Level, and risk and compliance management on how to prioritise risk and improve the company's overall security posture. FortiRecon offers companies consistent and comprehensive coverage across three areas:

 

External Attack Surface Monitoring: Empowers organisations to understand their risk profile and mitigate risks early. Provides an outside-in view of an organisation and its subsidiaries to identify exposed known and unknown enterprise assets and associated vulnerabilities, and prioritise the remediation of critical issues. EASM identifies servers, credentials, public cloud service misconfigurations, and even third-party partner software code vulnerabilities that could be exploited by malicious actors.

Brand Protection: Enables organisations to protect their brand and identify risks to their customers. Proprietary algorithms detect web-based typo-squatting, defacements, and phishing impersonations, as well as rogue mobile apps, credential leaks, and brand impersonation on social media, all common techniques used by cyber threat actors. The early detection of malicious activity allows teams to quickly take action (such as website or application takedown) to stop and prevent damage.

Adversary-Centric Intelligence: Increases the security awareness of an organisation’s SOC team with industry and geography specific coverage to better understand their attackers and protect assets. FortiGuard Labs cybersecurity experts assess the underground and imminent threat risks posed by active cybercriminals to an individual company by proactively monitoring public and private forums, open-source, dark web, and other cybercriminal domains. By engaging in human intelligence collection, FortiGuard Labs experts assess and curate custom threat intelligence, providing recommendations specific to the company, industry, and geography.

 

For partners, FortiRecon can be sold on top of the Fortinet Security Fabric or as a stand-alone, vendor-agnostic solution that delivers easily digestible reports and enables their customers to quickly understand the risks posed to their company, data, and brand reputation. FortiRecon also extends the categories of risk for which partners can provide insight to customers and increases the opportunity to land new customers that have only invested in more traditional security solutions.

 

Enhancing Fortinet’s Early Detection and Response Portfolio and Industry Leading Security Services

FortiRecon complements Fortinet’s robust portfolio of early detection and advanced response products, including FortiNDR, FortiXDR, FortiDeceptor, in-line sandboxing, as well as advanced automation with FortiAnalyzer, FortiSIEM and FortiSOAR.

Fortinet is firmly committed to the success of SOC teams and the protection of organsiations and offers an extensive portfolio of outsource services ranging from cybersecurity assessments and readiness, playbook development, tabletop training, Incident Response, MDR and SOC-as-a-service. This combined offering, alongside the many enhancements across the Fortinet Security Fabric and extended ecosystem deliver simplification and automation to help SOC teams regain focus, control, and speed by strengthening an organisation’s SOC with FortiGuard Labs cybersecurity tools and experts.


Acquisition of leading DSPM company will bolster Proofpoint’s human-centric security platform...
NTT DATA’s new Managed Detection & Response service powered by Palo Alto Networks Cortex XSIAM...
SPG is enhancing its cybersecurity capabilities in a new partnership with Saviynt, a leading...
Graylog has unveiled significant security advancements to drive smarter, faster, and more...
Datadog has published its new report, the State of Cloud Security 2024. The report found that...
ISACA research shows automating threat detection/response and endpoint security are the most...
Strategic partnership unifies AI-native endpoint security and next-generation firewall protection...
Advanced forms of social engineering are on the rise, though obvious gaps like weak passwords are...