FortiGuard Labs Advisory Services
Incident Readiness and Response Services
Experienced an Incident? Get Outbreak Alerts
Every Second Counts
Today’s threat actors are continuously innovating, creating more sophisticated attacks and methods of delivery. As such, it’s a matter of when, not if, your organization will fall victim. Unfortunately, many organizations simply don’t have the expertise to investigate, respond, or remediate quickly when faced with a security incident. If not prepared to launch an immediate expert response, there will typically be more severe damage and higher business impact. Engage Fortinet experts to better prepare, rapidly respond, and take the most effective actions at every step.
FortiPrepare
Identifies vulnerabilities, customizes incident response plans, and more
- Penetration testing
- Threat simulation
- Response planning and training
- Ransomware readiness
FortiResponse
Quickly detects, contains, and remediates incidents
- Compromised host/account identification
- Document event timeline
- Malware and IOC analysis
- Exfiltrated data, access methods, patient-zero location
Digital Risk Protection service investigates what adversaries are seeing, doing, and planning
- Attack surface management
- Brand protection
- Adversary centric intelligence (ACI)
FortiPrepare
Our comprehensive suite of services provides a holistic view of your security posture. By simulating real-world attack scenarios and conducting in-depth analyses, we help you identify vulnerabilities, assess incident response capabilities, and enhance overall security posture to effectively prevent and respond to cyberthreats. Additionally, through collaborative workshops and knowledge sharing, FortiGuard Labs assists in crafting tailored incident response plans and playbooks that align with your organization's unique requirements.
Our assessments commonly include:
- Focused interviews
- Review of existing policies, procedures, and documentation
- Thorough analysis and custom exploitation
- In-depth reporting
FortiResponse
Respond to Security Incidents Within One Hour*
FortiGuard Labs' expert researchers, engineers, and analysts around the world have been tracking breaking threats and new tactics, techniques, and procedures of threat actors for years. Our Digital Forensics and Incident Response (DFIR) team leverages that experience and cutting-edge IR/forensics technology to assist with the detection, analysis, containment, and remediation of security incidents. This reduces the time to resolution, limiting the overall impact of an incident to the organization.
*For subscribers. Others, shortly thereafter.
Emergency Digital Forensic and Incident Response
The FortiGuard Labs team provides a vendor-agnostic response to those experiencing an emergency. To the extent possible, FortiGuard Labs IR will:
- Identify compromised host(s)
- Identify compromised account(s)
- Document a timeline based on pertinent historical events
- Conduct in-depth malware analysis
- Identify Indicators of Compromise (IOCs) and forensic artifacts
- Identify exfiltrated data and methods used for exfiltration
- Identify initial access into the environment and patient-zero information
FortiRecon
FortiRecon is a cloud-based Digital Risk Protection Service (DRPS) that provides organizations with visibility into their external attack surface and helps them to identify and mitigate risks. It leverages a combination of human intelligence and machine learning to deliver actionable threat intelligence, enabling organizations to proactively defend against cyberattacks. Key features include:
- Supply-chain vendor risk assessment
- Identification & mitigation of brand attacks
- Takedown services
How Fortinet Can Help
FortiGuard Labs Advisory, FortiPrepare, and FortiRespond Services deliver critical services before, during, and after a security incident. Our experts arm your team with fast detection, investigation, containment, and return to safe operation. To remediate a security event, we make key determinations including:
- How the attacker got into your network
- Whether they are still there
- Their entire footprint in your network
- If they have achieved more access
- What is needed to scope, contain, eradicate, and repair the incident
Beyond immediate response, we perform comprehensive assessments to help you gain a clear understanding of your current security posture, identifying vulnerabilities and areas for improvement. Tailored recommendations and best practices enhance incident response capabilities to effectively prepare for, detect, respond to, and recover from future cyber incidents.
FortiGuard Labs Advisory Service
The FortiGuard Labs Advisory Service is an annual subscription that provides options and flexibility, so you can effectively expand and evolve your SOC strategies. With a comprehensive menu of service options, our annual subscription allows you to focus on the most pressing needs and priorities.
What’s Included:
- Incident Response Readiness Assessment
- Service points for any of our assess, improve, or respond services
- Rapid response time
- One (1) year subscription
