Fortinet, a global leader in broad, integrated and automated cybersecurity solutions, on May 18 announced enhancements to the company’s FortiEDR solution, whose customer adoption has been growing exponentially. These include new MITRE ATT&CK tags for system activity, new managed detection and response (MDR) service options and the recently announced extended detection and response (XDR) capability.
With the latest additions, organisations of all sizes can now benefit from advanced endpoint protection with automated endpoint detection and response (EDR), including:
- Cloud-native Endpoint Security: Helps secure workers’ computers on and off the network, providing visibility into and reduces the endpoint attack surface with a lightweight agent whose operation is transparent to users.
- Integrated Endpoint Protection (EPP) with EDR: Not only does this approach prevent attacks pre- and post-execution, but can also detect threats that bypass the prevention layer and quickly respond to minimise business impact.
- Managed detection and response (MDR) service: Delivers 24×7 threat monitoring, alert triage, remote response and environment tuning for additional expertise and insight.
Rajesh Maurya, Regional Vice President, India & SAARC at Fortinet said, “Unlike traditional Endpoint Protection Platform (EPP) products that bolt-on Endpoint Detection and Response (EDR), or first-generation EDR solutions that add EPP later, FortiEDR is the only solution that was built as a unified solution from the start. As a result, it seamlessly provides behaviour-based protection, detection and response at both pre-infection and post-comprise stages as demonstrated in the recent MITRE ATT&CK evaluation results. In the past year, FortiEDR customer adoption grew more than 300 per cent. This advancement in endpoint security is critical to defending against the sophistication and maliciousness of recent high profile cyberattacks and evolution of ransomware.”
Increased Demand for Real-Time Protection to Thwart Threats like Ransomware
Ransomware attack trends continue to evolve and impact more and more organisations. From the middle to the end of last year, FortiGuard Labs saw a sevenfold increase in the volume of attacks. As modern ransomware attacks place data and lives at risk, organisations need to secure their environments and protect critical infrastructure. To address these challenges, FortiEDR, as part of the Fortinet Security Fabric, delivers patented ransomware protection without any dependency on shadow copies that the more sophisticated cyberattacks disable. Additional patented detect and defuse capabilities thwart other classes of advanced threat while maintaining high availability even in the midst of a security incident. This also buys valuable time needed for full incident response.
Protecting Against a Sophisticated Threat Landscape with FortiEDR
Unlike other endpoint protection solutions that rely on known threat intelligence to block attacks or blunt tools for detection and response, FortiEDR provides durable behaviour-based protection and ongoing analysis and automatable response that can roll back malicious changes without taking machines offline to re-image. Additionally, FortiEDR’s incident response playbooks enable organisations to easily pre-define common response actions based on endpoint groups, asset value and threats categorisation. This allows companies to take a risk-based approach to endpoint security, and speed the incident response process.
As proven by the latest MITRE test, FortiEDR leverages patented code tracing technology to track all system activities, identify at-risk behaviour and step in to block before damage is done. FortiEDR can then also unwind the damage and restore the system. This approach is more accurate, decreasing false positives, more durable as it’s harder to evade and able to detect novel and zero day threats, including supply chain attacks.