Delete any file from any collector in the organization

Find and delete all instances of a known malicious file or hash in the organization

Identify all instances of a known malicious file or hash and notify affected users

Execute playbooks to isolate affected collectors in the organization

Contact Fortinet support

Terminate the process and uninstall the third-party application

Immediately create an exception

Investigate the event to verify whether or not the application is safe

Radius

SAML

TACACS

LDAP

By preventing data exfiltration or encryption even after a breach occurs

  By using methods used by traditional EDR

By insurance against ransomware

By real-time filtering to prevent malware from executing

It helps to make sure the hash is really a malware

It helps to check the malware even if the malware variant uses a different file name

It helps to find if some instances of the hash are actually associated with a different file

It helps locate a file as threat hunting only allows hash search

ADMIN

USER

LOCAL ADMIN

REST API

FortiNAC

FortiGate

FortiSiem

FortiSandbox