Advanced, automated endpoint protection, detection, and response
FortiEDR delivers innovative endpoint security with real-time visibility, analysis, protection, and remediation. As proven in MITRE evaluations, FortiEDR proactively shrinks the attack surface, prevents malware infection, detects and defuses potential threats in real time, and automates response and remediation procedures with customizable playbooks.
FortiEDR identifies and stops breaches in real time, automatically and efficiently, without a slew of false alarms or disruption to business operations.
FortiEDR Product Details
Endpoint Detection and Response (EDR) subscription bundles are available for different use cases, depending on customer needs, the other Fortinet Security Fabric products deployed, and managed service options.
Discover and Protect
For customers in the process of migrating from a traditional endpoint protection platform or next-generation antivirus solution towards EDR, a basic Discover and Protect option is available, which supports future migration to full EDR.
Protect and Respond
For special cases where customers may have complementary vulnerability discovery in place already, a special subscription is available. This subscription supports the standard EDR, XDR, Managed EDR, and Managed XDR variations.
Discover, Protect and Respond
For the best security coverage, the all-in-one subscription is recommended. This subscription supports the standard EDR, XDR, Managed EDR, and Managed XDR variations.
FortiEDR Advanced Endpoint Protection
See how FortiEDR detects and blocks ransomware and other fileless attacks to stop breaches in real time. It also reduces the attack surface and remotely remediates affected endpoints.
FortiEDR Meets Today’s Endpoint Security Requirements
Learn more about today’s requirements for endpoint security, as well as our unique detect and defuse capability. Also, understand how we prevent attacks by extending visibility and security across endpoints and workloads, no matter where they are.
Security Fabric Integration
FortiEDR leverages the Fortinet Security Fabric architecture and integrates with many Security Fabric components including FortiGate, FortiSandbox, and FortiSIEM.
The FortiEDR connector enables the sharing of endpoint threat intelligence and application information with FortiGate. FortiEDR management can instruct enhanced response actions for FortiGate, such as suspending or blocking an IP address following an infiltration attack.
FortiEDR shares endpoint threat intelligence and discovered assets with FortiNAC. With syslog sharing, FortiEDR management can instruct enhanced response actions for FortiNAC, such as isolating a device.
FortiEDR native integration with FortiSandbox automatically submits files to the sandbox in the cloud, supporting real-time event analysis and classification. It also shares threat intelligence with FortiSandbox.
FortiEDR sends events and alerts to FortiSIEM for threat analysis and forensic investigation. FortiSIEM can also utilize JSON and REST APIs to further integrate with FortiEDR.
FortiGuard Labs
FortiEDR native integration with FortiGuard Labs provides up-to-date intelligence, supporting real-time incident classification to enable accurate incident response playbook activation.
EDR Solution Features and Benefits
DISCOVER AND CONTROL
Discover and control rogue devices and applications based on risk mitigation policies.
DETECT AND DEFUSE IN REAL TIME
Automatically detect and defuse potential threats in real time—even on compromised devices.
AUTOMATIC INCIDENT RESPONSE
Use customizable contextual incident response playbooks that automate incident response.
INSTANTLY STOP ATTACKS
Instantly stop breaches and prevent data loss and ransomware damage with no dwell time.
GAIN EFFICIENT SECURITY OPERATIONS
Eliminate alert fatigue and optimize operations with customizable incident response processes.
MINIMIZE BUSINESS IMPACT
Enable response and remediation while keeping systems online, maintaining business continuity.
The following table summarizes the most common and recommended EDR subscription bundle options:
|Discover and Protect
|Discover, Protect, and Respond
|Discover, Protect, and Respond with XDR
|Discover - IT Hygiene
|Attack Surface Reduction
|Protect - Endpoint Protection
|Cloud Threat Intelligence
|Attack Chain Visualization
|Advanced Incident Forensics
|Malicious Web Filtering
|Respond - Endpoint Detection and Response
|Continuous Recording and Analysis
|Threat Hunting Enablement
|AI-based Behavior Tagging
|IOC Ingestion and Search
|Security Fabric Integration
|3rd Party Integration
|Automated Incident Response Framework
|Secured Remote Shell
|XDR - eXtended Detection and Response
|eXtended Detection Across Security Fabric
|eXtended Detection Across AWS GuardDuty
|eXtended Detection Across Google SCC
|MDR - Managed Service Options
|High Fidelity Alert Triage
|Extended Alert Triage
|Containment and Remediation Guidance
|Alerting and Reporting
|Correlated Security Fabric Alert Triage
|On-premise Internet access enabled