Automated Detection and Response to External and Internal ThreatsA New Breach Protection Approach with FortiDeceptor
According to Verizon’s 2018 Data Breach Investigation Report, two-thirds of breaches found were from external actors while the remaining one-third involved internal actors. Unfortunately, today’s reactive security solutions are narrowly focused in either protecting external or internal threats but not both.
FortiDeceptor is based on deception-based technology that complements an organization’s existing breach protection strategy, designed to deceive, expose and eliminate attacks originating from either external or internal sources before any real damage occurs.
2019年4月9日Fortinet Expands its Security Fabric to Advance The Third Generation of Cybersecurity: Security-Driven NetworkingLatest Release of FortiOS Delivers Over 300 New Innovations Across the Fortinet Security Fabric for Protection from IoT to Edge, Network Core and to Multi-Clouds
2019年4月9日Leveraging Deception for Breach ProtectionFortiDeceptor levels the playing field by automating the creation of dynamic decoys that are dispersed throughout the IT environment. Because attackers are unable to determine which assets are fake and which are real, their time advantage is reduced or eliminated altogether.
FortiDeceptor Product Details
FortiDeceptor allows organizations to rapidly create a fabricated deception network through the automatic deployment of deception VMs and decoys that seamlessly integrate with an existing infrastructure to lure attackers into revealing themselves. FortiDeceptor helps serve as an early warning system by providing accurate detection that correlates an attacker’s activity details and lateral movement that feeds up to a broader threat campaign. Threat intelligence gathered from the attacker can be applied automatically to inline security controls to stop attacks before any real damage is done.
Features and Benefits
GUI driven threat map quickly uncovers threat campaigns targeting your organization
Security infrastructure integration provides real-time blocking of attackers before real damage occurs
Centrally manage and automate the deployment of decoys and lures.
FortiDeceptor Models and Specifications
FortiDeceptor offers both hardware and virtual appliance that allows flexibility for any organization to deploy in the campus and into the cloud.
FortiGuard Security Services for FortiGuard Service Bundles
FortiGuard IPS 通过检测威胁并在威胁侵入到网络设备前对此阻断，以此抵御最新的网络入侵。
Today's targeted attacks can originate from both external or internal to an organization. Advanced threat deception is key to providing early detection and response before an attack is allowed to complete its full lifecycle. This fully functional FortiDeceptor demo provides users the experience to centrally manage deception VMs and decoys, with actionable visibility to threat campaigns, and the ability to easily integrate with FortiGates to block these attacks.
How does FortiDeceptor work?
Decoys and lures are deployed to simulate real endpoints and servers with services, data and applications. Additionally, tokens can be embedded to real endpoints to redirect attacks to the decoys. Once a threat actor logs into a decoy, all activities are captured and the security administrator receives an alert. The security team can perform a full investigation, followed with either manual remediation or allow FortiDeceptor to perform automated mitigation.
What endpoint OS does FortiDeceptor support?
Currently, FortiDeceptor supports Windows, Linux, and SCADA.
Does FortiDeceptor fit my security infrastructure?
FortiDeceptor is offered as an appliance and VM form-factor that meets a range of requirements supporting campus to cloud deployments.
How fast can FortiDeceptor be up and running?
Security operators can leverage built-in Deception OSes to automate the deployment of decoys and lures on Day-1.
How do I test drive FortiDeceptor?