FORTINET EDR ANTIVIRUS END POINT
FortiEDR delivers innovative endpoint security with real-time visibility, analysis, protection, and remediation. As proven in MITRE evaluations, FortiEDR proactively shrinks the attack surface, prevents malware infection, detects and defuses potential threats in real time, and automates response and remediation procedures with customizable playbooks.
FortiEDR identifies and stops breaches in real time, automatically and efficiently, without a slew of false alarms or disruption to business operations.
FortiEDR Advanced Endpoint Protection
FortiEDR detects and blocks ransomware and other file-less attacks to stop breaches in real time. It also reduces the attack surface and remotely remediates affected endpoints.
FortiEDR Meets Today’s Endpoint Security Requirements
Learn more about today’s requirements for endpoint security, as well as our unique detect and defuse capability. Also, understand how we prevent attacks by extending visibility and security across endpoints and workloads, no matter where they are.
Models and Specifications
Management, architecture, and platform support
A single, integrated management console provides prevention, detection, and incident response capabilities. Extended REST APIs are available to support any console action and beyond.
Protection and detection happen on the endpoint, protecting disconnected endpoints.
Native cloud infrastructure
FortiEDR features multi-tenant management in the cloud. The EDR solution can be deployed as cloud-native, hybrid, or on-premises. It also supports air-gapped environments.
Lightweight endpoint agent
FortiEDR utilizes less than 1% CPU, up to 120 MB of RAM, 20 MB of disk space, and generates minimal network traffic.
Supported operating systems
FortiEDR supports Windows, macOS, and Linux operating systems, and offers offline protection.
Security Fabric Integration
FortiEDR leverages the Fortinet Security Fabric architecture and integrates with many Security Fabric components including FortiGate, FortiSandbox, and FortiSIEM.
The FortiEDR connector enables the sharing of endpoint threat intelligence and application information with FortiGate. FortiEDR management can instruct enhanced response actions for FortiGate, such as suspending or blocking an IP address following an infiltration attack.
FortiEDR shares endpoint threat intelligence and discovered assets with FortiNAC. With syslog sharing, FortiEDR management can instruct enhanced response actions for FortiNAC, such as isolating a device.
FortiEDR native integration with FortiSandbox automatically submits files to the sandbox in the cloud, supporting real-time event analysis and classification. It also shares threat intelligence with FortiSandbox.
FortiEDR sends events and alerts to FortiSIEM for threat analysis and forensic investigation. FortiSIEM can also utilize JSON and REST APIs to further integrate with FortiEDR.
FortiEDR native integration with FortiGuard Labs allows up-to-date intelligence, supporting real-time incident classification to enable accurate incident response playbook activation.
Use FortiEDR managed EDR (MDR), Incident Response, JumpStart, and Best Practices Services to manage, respond, set up, or tune the EDR Solution for your organization.
FortiResponder Managed Detection and Response Service (MDR)
We supplement your SOC team, acting as senior SOC analysts by providing:
- 24×7 threat monitoring and response
- Alert triage and response
- Guided remediation instructions with remote remediation and rollback
- Recommended course of action per classified event based on risk profile
- Environment management and MDR
- Quarterly security environment review
FortiResponder Forensics and Incident Response Service
FortiGuard Incident Response Services deliver critical services before/during/after a security incident. Our experts arm your team with fast detection, investigation, containment, and return to safe operation. To remediate a security event, we make some key determinations including:
- How the attacker got into your network
- Whether they are still there
- Their entire footprint on your network
- If they have achieved more access
- What is needed to scope, contain, eradicate, and repair
FortiGuard Labs experts have decades of first-hand investigatory and response experience. With unique skills, proven threat intelligence, cutting edge incident response/forensics technology, and established processes, our professionals deliver invaluable help to security teams. Examples of compromises we respond to include, but are not limited to:
- Ransomware attacks
- Business Email Compromise (BEC)
- Advanced persistent threats (APTs)
- Web application attacks
FortiEDR Best Practice Service
Fortinet experts will provide advice and guidance as the customer deploys the product throughout their organization. This advice/guidance will cover:
- Prerequisites and preparation
- Architecture and planning
- Deployment and optimization
- Closeout and basic training
FORTINET MDR ANTIVIRUS END POINT
FortiGuard Managed Detection and Response Service
The FortiGuard Managed Detection and Response (MDR) Service is designed for customers of the FortiEDR and FortiXDR advanced endpoint security platforms. The MDR service provides organizations with 24×7 continuous monitoring of alerts and threats detected by FortiEDR. Fortinet experts review and analyze every alert, proactively hunt threats, and take actions to ensure customers are protected according to their risk profiles. The team also provides guidance and next steps to incident responders and IT administrators as needed.
FortiGuard Labs has over 500 expert researchers and analysts, studying every critical area of the threat landscape including malware, botnets, mobile, and zero-day vulnerabilities. The FortiGuard MDR Service leverages this vast experience and expertise, supplementing your SOC team and acting as senior SOC analysts to ensure your endpoints are secured.
Features and Benefits
24×7 INCIDENT TRIAGE
ONGOING THREAT MONITORING AND RESPONSE
STATIC AND DYNAMIC MALWARE ANALYSIS
VULNERABLE AND UNWANTED PROGRAM IDENTIFICATION
FORENSIC ARTIFACT RETRIEVAL AND ANALYSIS