Automated Incident Detection and Response
Flowmon has recently joined Fortinet’s Open Fabric Ecosystem by integrating with FortiGate and FortiSIEM. This cooperation brings an automated system for threat detection and response that blocks security risks in their infancy and gives administrators time to carry out forensics.
FortiGate watches the perimeter and protects against external threats, while Flowmon analyzes traffic in the network to detect unknown and insider threats that originate from within. Once Flowmon detects a sign of a threat (e.g., reconnaissance or lateral movement of an attacker), it sends a message to FortiGate, which in turn blocks the communication on the perimeter.
Deploying several detection techniques simultaneously uncovers a wide spectrum of threats and makes life much easier for security administrators. What's more, threats remain blocked for weeks, creating plenty of time for investigation and remediation.