
Announcing FortiEDR 5.2

By Brook posted May 20, 2022 12:12 PM

  

We are pleased to announce the release of FortiEDR 5.2. Our focus this time around was to improve extended detection and response (XDR) and the lives of our administrators, and to introduce Japanese language support. Our long-term roadmap and plan is to build the industry’s most robust multi-Data Lake XDR platform, and this release features a small part of that plan.

For instance, we added advanced XDR visibility, allowing pointed insights into the different correlated detection incident sources, and by doing so accelerated the forensics process. Secondly, we extended our multi-Data Lake XDR-feed support to include Google Cloud Logging, enabling extended detection and visibility via data correlations of Google Cloud services. Please stay tuned for more announcements involving XDR and other items on our roadmap.

In case you were not aware, our EDR platform comes with prebuilt, customized connectors for third-party appliances and solutions, such as firewalls, identity, mail, sandboxes, work-stream collaboration products, and others, all designed to enable customized, predefined incident response playbooks. With this launch for FortiEDR, we now enable additional prebuilt connectors and respective actions for many commonly used third-party solutions, allowing you to simply orchestrate incident response across the entire enterprise.

Further, we added role-based access control (RBAC) for administrators and users of the management console to avoid the risk of security settings misconfigurations. We also wanted to grant administrators the ability to troubleshoot issues on endpoints remotely for their work-from-anywhere workforce, but in the past we had some concerns after seeing remote shell being abused. So, we created Secure Remote Shell, which offers a suite of security utilities, including the generation of single-use time-defined certificates that enable remote sessions as a way to mitigate abuse by narrowing the window in which one can remotely connect to the device.

FortiEDR comes in three different flavors with a different set of options. We enhanced our intro package, Discover and Protect, by adding in three new features without an increase in price. Our Discover and Predict package now features advanced forensics, MITRE tagging, and automated incident response. Customers with an active subscription to this set can take advantage of these features.

For more information on FortiEDR, please visit our website. I also invite you to see below how one can use the FortiEDR automated incident response option, which will save you a lot of time and bolster your security stance.
