Crowdsourcing Meets Cutting Edge Security Research in FortiGuard Labs

By Jonas Tichenor | December 29, 2014

IDC is reporting again that Fortinet has the top market share in security appliances. This is great news for Fortinet researchers and customers alike.

Here at Fortinet, we’ve been talking a lot about handoffs recently. Handoffs of data between modules in next gen firewalls, handoffs from advanced threat protection/detection tools like sandboxes to traditional firewalls, handoffs of threat intelligence between applications; you get the idea. When the parts of a security ecosystem can communicate intelligently, it’s no surprise that threats are more likely to be stopped in their tracks before they ever reach their targets.

One of the most interesting (and important) handoffs, though, occurs between FortiGuard Labs (Fortinet’s global threat research team) and the installed base of Fortinet appliances and software. So while the latest numbers from industry research firm IDC showing Fortinet shipping more security appliances than any other vendor make the accountants and shareholders happy, they make FortiGuard researchers even happier. All of those appliances - NGFWs, sandbox units, and more - feed a constant stream of threat data to the folks in the Labs.

Fortinet’s install base is global in scope and scale, encompassing everything from the smallest SOHO customer to Fortune 500 companies to major telecom carriers, with new device shipments increasing for the last seven consecutive quarters. That translates to a pretty extraordinary amount of data about current malware, botnets, zero-day exploits, and advanced threats rolling into the Labs – terabytes of data every single day, in fact, providing researchers with a clear (if somewhat disturbing) view of the threat landscape.

Richard Henderson, Security Strategist with FortiGuard, explains:

“FortiGuard’s research team has sensors located all over the world watching for new events and attacks. When you couple that with the reams of data we acquire through both public and private feeds as well as the samples we obtain through both our sandbox appliances and from our customers, the researchers in the Labs are able to paint an accurate representation of the current state of security on the Internet.”

In addition to the data generated by Fortinet customers, the company is also a member of the Cyber Threat Alliance, a group of leading security companies that share threat intelligence to provide more comprehensive protection and rapid response to emerging threats. What this amounts to is crowdsourced security at the highest level, combined with cutting-edge original research on new threats and vulnerabilities. All of this gets handed back off to Fortinet customers via regular software updates, as often as 6 times a day. It’s a good deal for customers, the security community at large, and the researchers themselves, who, I’m quickly finding, are more like secret agents than cubicle dwellers. They live, eat, and breathe this stuff.

As Margarette Joven, Manager of the Antivirus Analyst Team, told me:

“The team in the Labs is a tight-knit group. Everyone really enjoys the work, and no one works in a vacuum. In a typical day you’ll see people bouncing back and forth from desk to desk, looking at new samples together, asking questions, and analyzing new or novel ways an attack or infection happens. I really look forward to coming in every day and helping build safer networks for the millions of people who count on us to keep them safe!”
