FortiDeceptor expands support of new decoys for both OT and IoT, and lures to include HoneyDocs. It also includes new malware detection and contextualization via VirusTotal and FortiSandbox integration, and improvements to existing detection with network responder and for ransomware. Review the latest release notes for more information.
In the evolving threat landscape, security leaders are concerned about maintaining business resiliency in the face of cyber threats including ransomware, zero-day attacks that target legacy systems, and lateral attacks. These threats don't just affect IT networks, they can have an impact on interconnected OT networks as well. According to Verizon’s 2021 Data Breach Investigation Report, four-fifths of breaches found were from external actors; the remaining one-fifth involved internal actors. Reactive security solutions focus on protecting either external threats or internal threats, but not both.
Based on deception technology, FortiDeceptor complements an organization’s existing breach protection strategy. As a pro-active security solution, it is designed to deceive, expose and eliminate external and internal threats early in the attack kill chain before any significant damage occurs.
FortiDeceptor Models and Specifications
FortiDeceptor offers both hardware and virtual appliance that allows flexibility for any organization to deploy in the campus and into the cloud.
The virtual appliance of FortiDeceptor can be deployed on VMware and KVM platforms.
FortiGuard Security Services included in FortiDeceptor's ARAE engine
FortiDeceptor Anti-Reconnaissance and Anti-Exploit Service (ARAE) correlates attacker activities and integrates contextual intelligence through FortiGuard services mentioned below, resulting in single pane timeline-based threat campaign.
FortiGuard Antivirus protects against the latest viruses, spyware, and other content-level threats. It uses industry-leading advanced detection engines to prevent both new and evolving threats from gaining a foothold inside your network and accessing its invaluable content.
FortiGuard IPS protects against the latest network intrusions by detecting and blocking threats before they reach network devices.
Protects your organization by blocking access to malicious, hacked, or inappropriate websites.
Using FortiDeceptor, organizations can rapidly create a fake environment that simulates the real network and assets. Through the automatic deployment of decoys and tokens, the deception network seamlessly integrates with an existing IT/OT/IoT infrastructure to lure external and internal attackers into revealing themselves. FortiDeceptor can serve as an early warning system by detecting an attacker’s activity and the lateral movement of a broader threat campaign. The threat intelligence gathered from the attacker can be applied automatically to inline security controls to stop attacks before any real damage is done.
Features and Benefits
Centrally manage a distributed deployment of FortiDeceptor and intelligent discovery and automated deployment of pre-built or custom decoys
Unified IT-OT breach protection
Lure attacks away from critical assets across both IT and OT environments
Improved Security Posture
Protects against both threat actors and their tactics e.g. malware, ransomware via VirusTotal and FortiSandbox integration
A GUI driven threat map quickly uncovers threat campaigns targeting your organization