Call a Specialist Today! 800-886-5787 Free Shipping! Free Shipping!

Fortinet FortiEDR
Advanced, automated endpoint protection, detection, and response

FortiEDR delivers innovative endpoint security with real-time visibility, analysis, protection, and remediation. As proven in MITRE evaluations, FortiEDR proactively shrinks the attack surface, prevents malware infection, detects and defuses potential threats in real time, and automates response and remediation procedures with customizable playbooks.

FortiEDR identifies and stops breaches in real-time automatically and efficiently. And it does so without a slew of false alarms or disrupting business operations.

FortiEDR Product Details

Endpoint Detection and Response (EDR) subscription bundles are available for different use cases, depending on the customer needs, other Fortinet Security Fabric products deployed, as well as managed service options.

FortiEDR Advanced Endpoint Protection

See how FortiEDR detects and blocks ransomware and other file-less attacks to stop breaches in real time. It also reduces the attack surface and remotely remediates affected endpoints.

FortiEDR Meets Today’s Endpoint Security Requirements

Learn more about today’s requirements for endpoint security, as well as our unique detect and defuse capability. Also, understand how we prevent attacks by extending visibility and security across endpoints and workloads, no matter where they are.

Security Fabric Integration

FortiEDR leverages the Fortinet Security Fabric architecture and integrates with many Security Fabric components including FortiGate, FortiSandbox, and FortiSIEM.

  • FortiGate
    The FortiEDR connector enables the sharing of endpoint threat intelligence and application information with FortiGate. FortiEDR management can instruct enhanced response actions for FortiGate, such as suspending or blocking an IP address following an infiltration attack.
  • FortiNAC
    FortiEDR shares endpoint threat intelligence and discovered assets with FortiNAC. With syslog sharing, FortiEDR management can instruct enhanced response actions for FortiNAC, such as isolating a device.
  • FortiSandbox 
    FortiEDR native integration with FortiSandbox automatically submits files to the sandbox in the cloud, supporting real-time event analysis and classification. Additionally, it also shares threat intelligence with FortiSandbox.
  • FortiSIEM 
    FortiEDR sends events and alerts to FortiSIEM for threat analysis and forensic investigation. FortiSIEM can also utilize JSON and REST APIs to further integrate with FortiEDR.
  • FortiGuard Labs
    FortiEDR native integration with FortiGuard Labs allows up-to-date intelligence, supporting real-time incident classification to enable accurate incident response playbook activation.
Fabric Integration

EDR Solution Features and Benefits


Discover and control rogue devices and applications based on risk mitigation policies.


Automatically detect and defuse potential threats in real time—even on compromised devices.


Use customizable contextual incident response playbooks that automate incident response.


Instantly stop breaches and prevent data loss and ransomware damage with no dwell time.


Eliminate alert fatigue and optimize operations with customizable incident response processes.


Enable response and remediation while keeping systems online, maintaining business continuity.


Endpoint Detection and Response (EDR) subscription bundles are available for different use cases, depending on the customer needs, other Fortinet Security Fabric products deployed, as well as managed service options. The following table summarizes the most common and recommended options:

  Discover and Protect Discover, Protect, and Respond Discover, Protect, and Respond with XDR
Discover - IT Hygiene
Asset Discovery
Asset Assessment
Attack Surface Reduction
Application Control
USB Control
Protect - Endpoint Protection
NGAV (pre-execution)
Post-execution Protection
Cloud Sandbox
Cloud Threat Intelligence
Attack Chain Visualization
Advanced Incident Forensics
MITRE Tagging
Malicious Web Filtering
Repsond - Endpoint Detection and Response
Continuous Recording and Analysis  
Threat Hunting Enablement  
AI-based Behavior Tagging  
IOC Ingestion and Search  
AI-powered Investigation
Security Fabric Integration
3rd Party Integration
Automated Remediation
Automated Incident Response Framework
Secured Remote Shell
XDR - eXtended Detection and Response
eXtended Detection Across Security Fabric    
eXtended Detection Across AWS Guard-Duty    
eXtended Detection Across Google SCC    
MDR - Managed Service Options
High Fidelity Alert Triage Managed EDR Managed EDR Managed XDR
Extended Alert Triage   Managed EDR Managed XDR
Containment and Remediation Guidance   Managed EDR Managed XDR
Alerting and Reporting   Managed EDR Managed XDR
Correlated Security Fabric Alert Triage     Managed XDR
Additional Services
24x7 Support Included Included Included
Deployment Cloud On-premise Internet access enabled Cloud