Skip to content Skip to navigation Skip to footer

Endpoint Detection Response

Fortinet Named a Visionary in the 2022 Gartner® Magic Quadrant™ for EPP

Download Report
Endpoint Detection Response banner background banner dots


FortiEDR delivers innovative endpoint security with real-time visibility, analysis, protection, and remediation. Labeled as a Visionary by Gartner and proven in MITRE ATT&CK evaluations, FortiEDR proactively shrinks the attack surface, prevents malware infection, detects and defuses potential threats in real time, and automates response and remediation procedures with customizable playbooks.

FortiEDR identifies and stops breaches in real-time automatically and efficiently. It drives fundamental change within security operations by integrating with your security architecture and by automating actions via granular customizable playbooks.

FortiEDR Advanced Endpoint Protection

See how FortiEDR detects and blocks ransomware and other file-less attacks to stop breaches in real time. It also reduces the attack surface and remotely remediates affected endpoints.

Jetzt ansehen

FortiEDR Meets Today’s Endpoint Security Requirements

Learn more about today’s requirements for endpoint security, as well as our unique detect and defuse capability. Also, understand how we prevent attacks by extending visibility and security across endpoints and workloads, no matter where they are.

Jetzt ansehen

Fortinet Named a Visionary in the 2022 Gartner® Magic Quadrant™ for Endpoint Protection Platforms

Fortinet has been named a Visionary in the 2022 Gartner® Magic Quadrant™ for Endpoint Protection Platforms. We believe this is due to continued development and customer satisfaction. FortiXDR has matured into a unique platform, increasing integration and differentiation due to further development with Fortinet Security Fabric.

Download Report

Features and Benefits

Discover and Control

Discover and control rogue devices and applications based on risk mitigation policies.

Detect and Defuse in Real Time

Automatically detect and defuse potential threats in real time—even on compromised devices.

Automatic Incident Response

Use customizable contextual incident response playbooks that automate incident response.

Instantly Stop Attacks

Instantly stop breaches and prevent data loss and ransomware damage with no dwell time.

Gain Efficient Security Operations

Eliminate alert fatigue and optimize operations with customizable incident response processes.

Minimize Business Impact

Enable response and remediation while keeping systems online, maintaining business continuity.

FortiEDR Use Cases

With contextual incident response playbooks, security teams can customize and automate incident investigation and response per classification and target host, optimizing security operations. Security teams can deploy some or all of the key use cases for Fortinet's EDR Solution -- FortiEDR.

Management, architecture, and platform support
A single, integrated management console provides prevention, detection, and incident response capabilities. Extended REST APIs are available to support any console action and beyond.

Offline protection
Protection and detection happen on the endpoint, protecting disconnected endpoints.

Native cloud infrastructure
FortiEDR features multi-tenant management in the cloud. The EDR solution can be deployed as a cloud-native, hybrid, or on-premises. It also supports air-gapped environments.

Lightweight endpoint agent
FortiEDR utilizes less than 1% CPU, up to 120 MB of RAM, 20 MB of disk space, and generates minimal network traffic.

Supported operating systems
FortiEDR supports Windows, MacOS, and Linux operating systems, and offers offline protection.


XP SP2/SP3, 7, 8, 8.1, 10, and 11 (32-bit and 64-bit versions)
Windows Server
2003 SP2, R2 SP2, 2008 SP2, 2008 R2 SP1, 2012, 2012 R2, 2016, 2019, and 2022
Google Cloud
Compute Engine Deployments and Procurement
El Capitan (10.11), Sierra (10.12), High Sierra (10.13), Mojave (10.14), Catalina (10.15), Big Sur (11.x), and Monterey (12.x)
RedHat Enterprise Linux and CentOS 6.x, 7.x, and 8.x, Ubuntu LTS 16.04.x, 18.04.x, 20.04.x server, 64 bit only Oracle Linux 6.x+, 7.7+, and 8.2+, Amazon Linux AMI 2 SuSE SLES 15.1
VDI Environments
VMware Horizons 6 and 7 and Citrix XenDesktop 7

FortiEDR leverages the Fortinet Security Fabric architecture and integrates with many Security Fabric components including FortiGate, FortiSandbox, and FortiSIEM. 

The FortiEDR connector enables the sharing of endpoint threat intelligence and application information with FortiGate. FortiEDR management can instruct enhanced response actions for FortiGate, such as suspending or blocking an IP address following an infiltration attack.

FortiEDR shares endpoint threat intelligence and discovered assets with FortiNAC. With syslog sharing, FortiEDR management can instruct enhanced response actions for FortiNAC, such as isolating a device.

FortiEDR native integration with FortiSandbox automatically submits files to the sandbox in the cloud, supporting real-time event analysis and classification. Additionally, it also shares threat intelligence with FortiSandbox. 

Uses FortiEDR for an endpoint security posture check for Zero-Trust Network Access (ZTNA)

FortiGuard Labs
FortiEDR native integration with FortiGuard Labs allows up-to-date intelligence, supporting real-time incident classification to enable accurate incident response playbook activation. 

Uses FortiEDR for an endpoint security posture check for Zero-Trust Network Access (ZTNA)

Sortieren nach:

Our Customers Emphasize the Value of FortiEDR in Gartner Peer Insights Reviews

Many enterprise customers realize the efficiency and effectiveness of FortiEDR and have provided positive feedback on Gartner Peer Insights. Read what end users say about FortiEDR. 

"FortiEDR Is The First Product In My 15 Year Career That Makes Me Think We Have A Chance."

CISO in the Financial Industry

"FortiEDR is efficient in all aspects. The agent has almost no overhead, the management interface provides detail without needing to dig, and most importantly, blocking occurs with minimal user impact."

"Successfully Regain Advantage Over Malicious Actors"

Sr. Security Analyst in the Manufacturing Industry

"From sales, to implementation, to support, the FortiEDR global team was a partner ensuring our success to regain an advantage over malicious actors."

"The zero-day capabilities are outstanding. Changes the table on suspicious activity from "Opt out" to "Opt In" -- suspicious activity is stopped and only allowed after activity analysis."

"Easy To Use Tool That Reduces Malicious Attacks While Not Negatively Affecting Production."

IT Director in the Miscellaneous Industry

"A well designed easy to use tool that helps to mitigate cyber risk. The product provides a high level of protection while keeping false positives to a minimum. Thus keeping business technology safer and working."

"Fast Effective EDR Compared To Others During POCs"

Security and Risk Management in the Manufacturing Industry

"Triage times are about 3 minutes compared to 30 minutes with the last vendor. Initial tuning was simplified by exceptions built into the main UI making all capabilities in one single pain of glass."

"From a product perspective, the EDR tool provides a significant time advantage when triaging and coming to conclusions. The tool has been very accurate, and the professional services is the icing on the cake. Their professional services are side by side with you for questions so knowing that you have a team by your side makes this a complete solution."

"Rollout Was Extremely Easy And The Support Is Great!"

Director - Enterprise Dev/Ops in the Manufacturing Industry

"By implementing FortiEDR we have been able to free up internal resources to work on large projects while ensuring that our enterprise is protected from malicious software."

"The monitoring service is excellent! They are proactive and only escalate alerts to the internal team after they have removed any false positives."

"My Favorite Enterprise Endpoint Security Application Thus Far"

Security Analyst in the Services Industry

"Working with the FortiEDR Endpoint Security application has been incredibly easy while still being very effective."


Product With Small Footprint But Magnificent Malware Prevention And Forensic Capabilities"

Security Architect in the Manufacturing Industry

"Lightweight Product - small Footprint on machines. Sophisticated Detection and Prevention mechanisms and Insight into complete malware kill chain. Fast support and customer request response Fast development "

"The product still prevents damage if you are already infected. Try it on a PoC and watch the results.”


For more Peer Insight reviews on FortiEDR click here


Gartner Peer Insights reviews constitute the subjective opinions of individual end users based on their own experiences, and do not represent the views of Gartner or its affiliates.

Use FortiEDR managed EDR (MDR), Incident Response, JumpStart, and Best Practices Services to manage, respond, set up, or tune the EDR Solution for your organization.

JumpStart Services

JumpStart Services

Fortinet JumpStart Services assesses a customer’s existing security posture and partners with them to create a customized security implementation plan to ensure successful and proactive:

  • Architecture and planning
  • Deployment and installation
  • Environment tuning
  • Prevention mode migration
  • Project management
  • Training


FortiResponder Managed Detection and Response Service (MDR)

We supplement your SOC team, acting as senior SOC analysts by providing:

  • 24x7 threat monitoring and response
  • Alert triage and response
  • Guided remediation instructions with remote remediation and rollback
  • Recommended course of action per classified event based on risk profile
  • Environment management and MDR
  • Quarterly security environment review
Mehr erfahren

FortiResponder Forensics and Incident Response Service

We assist with the analysis, response, containment, and remediation of security incidents to reduce the time to resolution, limiting the overall impact to an organization. FortiResponder Forensics and Incident Response Service can also help organizations that have not deployed FortiEDR for specific incident or breach investigation.

Mehr erfahren

FortiEDR Best Practice Service

Fortinet experts will provide advice and guidance as the customer deploys the product throughout their organization. This advice/guidance will cover:

  • Prerequisites and preparation
  • Architecture and planning
  • Deployment and optimization
  • Closeout and basic training


Sortieren nach:

FortiEDR bietet Endpunkt-Prävention, -Erkennung und -Reaktion in einem einzigen, leichtgewichtigen Agenten, der fortschrittlichen Echtzeit-Bedrohungsschutz für Endpunkte sowohl vor als auch nach der Infektion bietet. Es verringert proaktiv die Angriffsfläche, verhindert Malware-Infektionen, erkennt und entschärft potenzielle Bedrohungen in Echtzeit und kann Reaktions- und Abhilfemaßnahmen mit anpassbaren Playbooks automatisieren. FortiEDR hilft Unternehmen, Sicherheitsvorfälle automatisch und effizient in Echtzeit zu stoppen, ohne dass Sicherheitsteams mit einer Vielzahl von Fehlalarmen überfordert oder die Betriebsabläufe gestört werden.

Security Operation

Security Operations

Heutige Cyberbedrohungen sind massiv, hochkomplex und ultraschnell. Um damit Schritt halten zu können, sollten Ihre Sicherheitsabläufe durch KI unterstützt werden und in Maschinengeschwindigkeit funktionieren. Mit den Fortinet Security Operations erhalten Sie eine fortschrittliche Bedrohungserkennung, Reaktionsfunktionen, zentralisiertes Security Monitoring und Optimierung. Und das Beste daran: Das alles lässt sich einfach über die gesamte Fortinet Security Fabric hinweg bereitstellen.

FortiEDR News

Gartner Magic Quadrant for Endpoint Protection Platforms, Peter Firstbrook and Chris Silva, 31 December 2022.

Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s Research & Advisory organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, Magic Quadrant is a registered trademarks of Gartner, Inc. and/or its affiliates and are used herein with permission. All rights reserved.

This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Fortinet.