New FortiXDR Capabilities Offer Expanded Coverage

By Vincent Hwang | April 29, 2024

Organizations increasingly face challenges in effectively managing and securing the many disparate components of their digital environments, ranging from mobile devices to servers to cloud workloads. Additionally, while 95% of business leaders say they plan to consolidate vendors in the next 12 months to simplify daily operations, many enterprises still use multiple vendors to protect their assets. As a result, their threat detection, investigation, and response efforts remain fragmented, creating inefficiencies and slowing the response times of already stretched security staff.

Although many organizations have a security information and event management (SIEM) solution to aggregate and analyze the telemetry from the various tools they use, security teams are often still forced to conduct manual remediation on independent consoles to mitigate events as they’re identified. While the extensive use of AI and automation does shorten the life cycle of a data breach, it can still take security teams an average of 277 days to fully contain an incident.

Given these hurdles, many organizations are turning to extended detection and response (XDR) solutions like FortiXDR, which is built around the leading FortiEDR endpoint detection and response solution at its core to extend information sharing across the organization and add a layer of automated remediation capabilities.

Today, we’re pleased to announce several enhancements to FortiXDR, including support for iOS and Android mobile devices as well as threat hunting for containers. These additions further solidify the power of the Fortinet Security Fabric platform and its ability to reduce the average time needed to detect and repair, all while tapping into existing data lakes without the need for replication.

[Figure: The FortiXDR dashboard, showing events from a high-level perspective]

FortiXDR Enhances the Fortinet Security Fabric

FortiXDR enhances the Fortinet Security Fabric by analyzing security event information feeds from your Fortinet products and third-party security solutions to identify potential threats. These cross-platform feeds are correlated, investigated using AI-powered analysis, and combined into singular events for review. Organizations can leverage predefined, automatable cross-platform responses based on the classification returned. As a result, FortiXDR users can identify more threats, contain them faster, and ease the alert burden on security teams.

Better Detection of Sophisticated Attacks

FortiXDR uses advanced threat intelligence and analytics to identify elusive threats across iOS and Android devices, workstations, servers, and cloud workloads. This comprehensive coverage supports a multilayered defense strategy, enabling quicker identification of sophisticated attacks and facilitating a coordinated response to mitigate risks effectively. Built on the kernel-based EDR of FortiEDR, the FortiXDR agent is extremely lightweight and evasion-resistant, with superior visibility into system processes, file changes, and other behaviors, as seen in the 2023 MITRE ATT&CK Evaluations, in which it demonstrated no delayed detections.

[Figure: FortiXDR correlating events from data lakes to provide high-quality detections that drive a wide range of automated response options]

Simplification of Complex IT Security

By offering a unified approach to security that covers everything from mobile devices to the cloud, FortiXDR significantly reduces the complexity of monitoring and managing hybrid IT infrastructures by delivering high-quality detections. This simplification allows for more efficient allocation of security resources, enhances overall visibility, and improves the effectiveness of threat detection and response strategies across the organization's digital assets. Furthermore, FortiXDR is a multi-data-lake solution that doesn’t require data lake replication, which lowers cost and makes it more predictable.

Financial Flexibility in Security Upgrades

The FortiXDR post-paid model enables MSSPs to invest in cutting-edge endpoint security without the pressure of long-term contracts or upfront investments. This approach facilitates the timely adoption of superior security measures and aligns with the flexibility and diverse budgetary requirements that MSSP customers want, ensuring that organizations can enhance their cybersecurity posture while maintaining financial flexibility.

Additional Enhancements

This release also brings more integrations and enhancements, such as XDR integrations for FortiSIEM and FortiAnalyzer Cloud, CEF/LEEF format support, and Traditional Chinese language support. We expanded our application control capabilities to offer more granularity and to reduce false positives for specific applications. We added the ability to audit commands issued through our secure remote shell capability. We improved the ease of transitioning from the platforms you’re replacing to the FortiXDR platform by adding the ability to import and export exclusions, and we added training videos to the console.

Learn More about FortiXDR and the Fortinet Security Fabric Platform

As the threat landscape grows increasingly complex and businesses continue to expand their networks, a holistic platform approach to security is essential. By leveraging the capabilities of FortiXDR through the Fortinet Security Fabric platform and third-party integrations, organizations gain greater information-sharing and automatable response options across the ecosystem and can streamline and improve their monitoring, detection, and response processes.
Learn more about FortiXDR and get started today.