Fortinet wants to put an end to threats by so-called insiders. In order to further improve its products for this purpose, the security company has acquired machine learning specialist ZoneFox. This company needs to bring the security specialist more smart technology to automate the detection of threats from within and to be able to respond quickly to them.
According to the security specialist, threats to so-called insiders, often employees, former employees, hired parties or cunning hackers who pretend to be employees through social engineering, are a huge problem for companies and organisations today. Research has shown that 30% of all security incidents are the result of the insider’s actions, whether deliberate or not.
Good protection is therefore necessary. Especially now that the number of endpoints within corporate networks is growing extremely fast, users are accessing more and more data and are using more and more cloud services. Combating these insider threats is difficult as there are too many unknown factors, such as blind spots in the networks where monitoring is not possible.
ZoneFox detects insider threats
In order to be able to offer its customers good protection against this, Fortinet has now acquired ZoneFox. This specialist’s solutions use agents to constantly monitor desktops, laptops and servers, as well as used cloud services. This functionality also works when the endpoints are not connected to the network.
In this way, companies can learn more about the user behaviour of their employees, the employees themselves, what devices they use and of course what processes they carry out with their devices and what files they view.
All data collected by ZoneFox is forwarded to the company’s cloud-based AI engine. In this intelligent environment, the data is tested against previously collected data on the (user) behaviour of the monitored company network.
Machine learning technology, or Augmented Intelligence as Fortinet calls it, then uses a special anomaly detection algorithm to detect deviant behavior and check for known patterns of ransomware, hacking tools, or violations of predefined access policies, for example. If an anomaly is indeed found, even if it has not been discovered before, the application will issue a warning so that end-users can intervene quickly.
Addition to Fortinet portfolio
ZoneFox’s solutions complement Fortinet’s FortiClient and FortiSIEM products. In addition, this will further strengthen the Fortinet Security Fabric. In concrete terms, this means that the security specialist can now offer end users improved insight into endpoints, data flows and user behaviour inside and outside the network, among other things.
In addition, machine learning technology enables the Fortinet solutions mentioned to scan billions of events every day. As a result, warnings can be given quickly about blind spots in the network and end users can be informed quickly about suspicious activities on the network.
It goes without saying that these data are provided in clear overviews for the end users. Finally, the services now acquired comply with the correct legislation and standards, such as the GDPR, ISO 27001, HIPAA and PCI DSS.
This news article was automatically translated from Dutch to give Techzine.eu a head start. All news articles after September 1, 2019 are written in native English and NOT translated. All our background stories are written in native English as well. For more information read our launch article.