Fortinet Acquires ZoneFox
Adds Machine Learning Based Threat Detection and Response Capabilities to Protect Enterprises from Insider Threats
On October 23, 2018, Fortinet announced the acquisition of ZoneFox, Inc., a leading provider of a cloud-based security platform that effectively combats the growing issue of insider threats within enterprises or service providers. According to a recent, reputable breach report, 30% of breaches involved insiders acting negligently or maliciously. Such threats affect enterprises across all sectors, including healthcare, government, financial services, and retail.
The combination of Fortinet and ZoneFox further enhances the Fortinet Security Fabric by providing enterprises with deeper visibility into endpoints, user behavior, resource access, and data movement. This capability helps shine light on security blind spots, thus addressing CISOs’ concerns about insider risks. Some use cases include, but are not limited to, endpoint-to-endpoint threat movement, data exfiltration, internal recon, insider fraud, unauthorized asset access, and account misuse or compromise.
The ZoneFox cloud-based threat hunting platform complements FortiClient endpoint security with endpoint detection & response (EDR) capabilities and extends FortiSIEM with additional user and entity behavior analytics (UEBA) features.
ZoneFox’s key technology differentiators include:
- Machine learning that distills billions of events per day into high-quality threat leads to uncover blind spots and to alert on suspicious activities
- Unique architecture that captures just the essential data around five core factors (user, device, resource, process, and behavior) to perform targeted analysis and to configure policies easily
- Full forensic timeline of information, combined with an easy-to-use search interface that helps security analysts quickly determine the actions needed to bolster enterprise security posture
- Zero-configuration agent that is easy to deploy on-premises or in the cloud and can scale up to support tens of thousands of endpoints without performance loss
- Out-of-the-box support for GDPR, ISO 27001, HIPAA and PCI DSS, with “ready-to-go” policies
- Smart visualization and reporting capabilities