FortiRecon – What the heck is this?

Okay, there’s this thing called the Fortinet Digital Risk Protection solution. And Fortinet FortiRecon is a part of Fortinet DRP.

You might know about Fortinet’s well-known and extensive portfolio of cyber-security and networking products and solutions. But what about the cyber risks to a brand? Things that go beyond the typical scope of security concerns or coverage? Addressing these digital risks is an important extension of the enterprise security architecture, and of a company’s secure digital footprint.

FortiRecon has a lot more to offer than just a cool name. It is a suite that is comprised of three elements: Brand Protection, Adversary-Centric Intelligence, and External Attack Surface Management.

FortiRecon External Attack Surface Management

FortiRecon External Attack Surface Management continuously assesses an organization’s digital surface. It discovers, identifies, and alerts to new weaknesses and vulnerabilities. It also analyzes new digital assets. EASM provides immediate visibility to, and remediation actions for, any newly discovered asset, vulnerability, or public exposure.

To put it another way, External Attack Surface Management provides a comprehensive overview of what an organizations digital attack surface looks like from the outside. Don’t think of it as a pen test. Instead, it provides an external view of your critical network infrastructure. It then lets you know the types of attacks that are commonly seen against those type of assets and then provides recommendations to protect the weak spots.

EASM gives you historical views that help identify patterns of change, policy violations, areas for improvement, and other potential risk areas for your company over time. With current and historical perspectives, security teams can resolve issue areas and better understand those risks in need of more scrutiny. EASM remediation guidance helps prioritize and focus scarce resources on the highest-priority risks. In the meanwhile, security teams can make mitigation plans for others.

FortiRecon Brand Protection

FortiRecon Brand Protection provides a brand-specific view of threats, and enables organizations to get early warnings of brand and reputation risks. Things like credential breaches, typo-squatting and defacements, rogue applications, harmful social media posts, brand impersonation, phishing, and other digital risks.

There’s alot of ways brands can be compromised. For example, a mobile app is distributed by cybercriminals that pretends to be from a legitimate company. Or, credentials can be stolen and it ends up in the news. This leaves the impression that the company is not trustworthy with sensitive data. Or, a company website is defaced or otherwise rendered useless. It makes the site unreachable for online purchases or conducting other business.

As another example, threat actors spoof a company website for the purpose of defrauding or attacking visitors.

FortiRecon Brand Protection monitors social media, web, phishing, and mobile for clones of pages, rogue apps, impersonization of accounts and more. With alerting and takedown services, FortiRecon Brand Protection sends immediate notifications of newly discovered issues and offers mitigation in the form of takedown services.

FortiRecon Adversary-Centric Intelligence

Adversary-Centric Intelligence is a result of intelligence from FortiGuard threat experts who monitor and assess the dark web, underground adversary forums, and open-source intelligence sources. They then curate intelligence pertinent to a company, geography, or sector. They gather information on imminent threats and illegitimately acquired data on an organization’s behalf.

FortiRecon ACI provides contextual insights into imminent threats. This means faster response to incidents, a better understanding of attackers, and the ability to safeguard assets. ACI comprehensively covers the dark web and other underground and invite-only forums, and more.

The intelligence generated includes threat-actor insights to help you proactively assess risks. It looks for vulnerabilities in existing on-premises, cloud, and remote presence and increase the security awareness of staff.

FortiRecon ACI includes human intelligence (HUMINT) by researchers’ direct engagement in invitation-only, closed forums, dark web, open source, and other sources. Our analysts also assess and curate the intelligence for its’ relevance to you specifically. Then, it assigns Admiralty or NATO System confidence ratings for the reliability of the source and the assessed level of confidence in the information.

These FortiRecon technologies are part of the Fortinet Security Fabric, which delivers end-to-end security across every stage of the attack lifecycle with FortiGuard threat intelligence for up-to-date protection.

FortiRecon Digital Risk Protection

In a nutshell, then, FortiRecon is an extension to your current enterprise security architecture. It lets you see and mitigate three additional areas of risk, which are Digital asset risks, Brand-related risks, and Underground and imminent threats.

Fortinet Digital Risk Protection is about securing the parts of a company’s digital presence that fall beyond the scope of traditional cybersecurity. Those systems protect networks, users, and data. DRP, by contrast, protects digital assets. It enables executives to take swift action in these “extended” areas of concern outside of the traditional security posture. It’s a lot to take in, and Corporate Armor is ready to assist you by answering any further questions you may have, and by helping to tailor FortiRecon to your organization’s unique needs. So just email us, or call Corporate Armor at 877-449-0458. Thanks for reading!

The full FortiRecon solution includes

Broad coverage – digital asset discovery, data leak detection on underground and open forums, and brand attacks for swift action
Takedown service for accounts, websites, and rogue mobile applications
Licensing flexibility, for “outside-in” visibility when it’s needed
Executive to technical-level views with an intuitive graphical user interface
Threat expertise access from additional FortiRecon analyst time to incident response and assessment services

FortiRecon EASM solution brief

FortiRecon Brand Protection solution brief

FortiRecon Adversary-Centric Intel solution brief