Fortinet has acquired ZoneFox which provides cloud-based security platform that effectively combats the growing issue of insider threats within enterprises or service providers. According to a recent reputed breach report, 30% of breaches involved insiders acting negligently or maliciously. Such threats affect enterprises across all sectors, including healthcare, government, financial services, and retail.
The combination of Fortinet and ZoneFox will enhance Fortinet’s Security Fabric by providing enterprises with deeper visibility into endpoints, user behaviour as well as resource access and data movement. This capability will focus on security blind spots, thus addressing CISOs’ concerns on insider risks. Some use cases include, but are not limited to, endpoint-to-endpoint threat movement, data exfiltration, internal recon, insider fraud, unauthorized asset access, account misuse or compromise. ZoneFox cloud-based threat hunting platform complements FortiClient endpoint security with endpoint detection & response (EDR) capabilities and extends FortiSIEM with additional user entity behavior analytics (UEBA) features.
The acquisition will be providing customers with following benefits:
- Deeper visibility into endpoints and associated data flow and user behavior, both on and off the network
- Machine learning capabilities able to distill billions of events per day into high-quality threat leads to uncover blind spots and alert users of suspicious activities
- A unique cloud-based architecture that captures essential data around five core factors – user, device, resource, process, and behavior – to analyze and configure policies easily
- Full forensics timeline recording of information, combined with a simple search interface that helps analysts quickly determine the actions needed to boost an enterprise’s security posture
- A zero-configuration agent that is easy and fast to deploy; the solution can scale up to support over 10,000 agents without performance loss
- Out-of-the-box support for GDPR, ISO 27001, HIPAA and PCI DSS, with “ready-to-go” policies
Dr. Jamie Graves, chief executive officer and founder, ZoneFox said “we’re pleased to join the Fortinet team and bring together our shared vision of alleviating CISO concerns about insider threats. Integrating our solution with the Fortinet Security Fabric will allow us to extend our reach to a broad spectrum of Fortinet and third-party solutions to solve customers’ most difficult challenges in network security.”
Mr.Ken Xie, founder, chairman of the board and chief executive officer, Fortinet said “by combining ZoneFox’s cloud-based threat-hunting technology with Fortinet’s existing endpoint and SIEM security offerings, we are well positioned to provide our customers with an integrated approach to defend against insider threats, eliminate network blind spots and protect today’s expanding attack surface with automation and machine learning”
(Image Courtesy: www.em360tech.com)