It’s not an exaggeration to state that new cyber threats are emerging every moment of every day, targeting traditional networks, cloud environments, IoT, end user and mobile devices, and increasingly, OT networks and critical infrastructure. Some are brand new exploits, while others are longstanding threats such as ransomware, phishing, or known vulnerability exploits that have been modified, often to evade detection.
Defending against this constantly evolving and expanding threat landscape requires access to real-time threat research and intelligence. Extensive knowledge of the threat landscape, combined with the ability to respond quickly at multiple levels, is the foundation for providing effective security. That is why the resources of FortiGuard Labs play such a critical role in ensuring the security postures you rely on to block and catch these threats are constantly fine-tuned and updated.
FortiGuard Labs has an unprecedented view of today's threat landscape. For example, for web filtering alone, we process over 100 billion queries per day, and out of those, 225 million are classified as malicious URLs. This same level of analytical insight occurs across the entire threat landscape, where we analyze and process over 65 trillion security events per year to extract timely and relevant threat intelligence. The FortiGuard Labs team includes hundreds of threat researchers using advanced techniques and patented technologies (including one of the most advanced self-learning systems in the world) to scour the cyber landscape and proactively seek out new avenues of attack to discover emerging threats.
The FortiGuard team then develops effective countermeasures to protect more than 350,000 Fortinet customers around the world, including up-to-the-minute threat intelligence subscription services for Fortinet security products. This insight and intelligence is integrated into our individual products and, because of the security fabric, it is also integrated seamlessly across our entire portfolio (the broadest in the security industry) to provide an end-to-end span of intelligence not offered by any other single vendor in the industry.
To enhance these subscription services even further, Fortinet is announcing two critical changes.
· First, we are integrating our Antivirus and FortiSandbox Cloud solutions into a single Advanced Malware Protection service to protect organizations against both known and unknown threats. While signature-based antivirus technologies remain a critical foundation for any security strategy for identifying known threats, organizations also need a solution designed to identify zero-day threats and attacks leveraging advanced evasion tactics. FortiSandbox Cloud addresses this half of the problem by combining the FortiGuard antivirus database with community reputation lookups, platform-independent code emulation, and virtual sandboxing to identify previously unknown threats.
The Advanced Malware Protection service also includes IP botnet domain protection and mobile security, as well as Content Disarm and Reconstruction (CDR) and Virus Outbreak Protection Services (VOS). VOS closes the gap between antivirus updates by leveraging the latest threat analysis to detect and stop malware threats discovered between signature updates before they can spread throughout an organization. It does this by maintaining a real-time look-up to our Global Threat Intelligence database to ensure you always have the very latest in malware protection.
CDR addresses threats that use advanced techniques to evade traditional signature-based and reputation-based security prevention measures. It does this by proactively removing any possibility of malicious content in your files. CDR processes all incoming files, deconstructs them, and strips out all elements that do not match firewall policies, such as active content, to create a sterile flat file.
· We are also announcing new enhancements to our Enterprise Services Bundle.
The Enterprise Services Bundle now includes protection for over a thousand different ICS/SCADA protocols to help organizations with the difficult task of securing their IT/OT convergence efforts. New attacks targeting OT networks can not only have a devastating impact on an organization but can also damage critical infrastructure and even result in direct harm to humans. However, proper OT security is still sadly lacking in most organizations. According to a recent Forrester survey, for example, nearly 56% of those organizations using SCADA or ICS indicated that they had experienced a breach in those systems in the past year. Even more alarming, only 11% reported that they had never experienced a breach of their ICS or SCADA systems. Importantly, surveyed companies identified Fortinet as their overwhelmingly preferred security provider for OT environments.
The enhanced enterprise bundle also includes our CASB and Security Rating services. FortiCASB helps establish and maintain policy and security governance across multi-cloud environments by enabling IT teams to maintain secure user access and centralized visibility across some of today’s most widely used SaaS applications, including Salesforce.com and Microsoft Office 365, whether those users are on or off campus. It also protects data stored in SaaS resources from cloud-borne threats, while providing compliance and audit tools to help organizations better control their SaaS applications.
Our research shows that organizations are being impacted by the same threats over and over, which suggests they are not getting to the root cause of their infections by performing proper and adequate security hygiene. That is why our Security Rating Service is an essential part of the enterprise bundle, guiding organizations in designing, implementing, and continually maintaining their targeted security postures and maturity levels. After identifying infrastructure vulnerabilities and weaknesses, it provides best-practices guidance to improve their security posture. It does this through measurable and meaningful feedback in the form of actionable configuration recommendations and key performance/risk indicators, and by proactively helping them keep pace with evolving compliance and regulatory standards. It also provides a comparative ranking against other organizations in the same industry for a quick snapshot of their relative level of security.
In addition to things like performance, the value of any security solution today depends on the accuracy and timeliness of its threat intelligence to detect and respond to the continually evolving threat landscape. Fortinet's threat intelligence security subscriptions ensure that your Fortinet security solutions are tuned continuously with up-to-the-minute insight into threats occurring anywhere in the world through our global network built around millions of sensors.
However, data alone isn't enough. That is why this comprehensive intelligence set is processed using automated and advanced analytics (such as machine learning and AI) that are applied to cross-discipline information. These mature and rigorous back-end processes, combined with proactive threat research, ensure high threat fidelity to prevent the exploitation of new avenues of attack. Our top-rated effectiveness is also supported through our commitment to independent, real-world testing, and is evidenced in our consistently achieving the highest marks for accuracy and efficacy in tests conducted by leading labs.
Our comprehensive range of advanced security services includes: Application Control, Antispam, Antivirus, Content Disarm & Reconstruction, Credential Stuffing Defense, CASB, Database Security, Domain Reputation, Indicators of Compromise (IOC), Industrial Security Services for ICS, Intrusion Prevention, IP Reputation & Anti-botnet Security, Mobile Security, Sandbox, Security Rating, Virus Outbreak Protection, Web Application Security, and Web Filtering.
Fortinet is committed to providing advanced security solutions built around high performance, advanced automation, cost-effectiveness, and deep integration that spans both devices and infrastructural ecosystems through our security fabric. We are also committed to leading the industry in advanced threat intelligence services that span our entire portfolio to ensure that organizations enjoy the highest degree of unified and integrated protection possible across their entire distributed environment, from mobile devices and remote offices, to deep into the network core and databases, and out to the expanding multi-cloud.