Fortinet’s FortiGuard Labs has launched new cloud-based sandboxing and IP reputation services that are designed to help protect against advanced persistent threats (APTs). The new FortiGuard Labs services provide additional protection capabilities for the company’s FortiGate, FortiCloud, FortiWeb, FortiDDoS and FortiDNS network and application security platforms.
APTs are usually operated by highly skilled teams or governments and use advanced technology and multiple methods and vectors to reach specific targets and obtain sensitive or classified information. Also known as targeted attacks, APTs involve reconnaissance on each target to determine the best method of entry. Social engineering and zero-day vulnerabilities are the most common infection vectors.
The FortiGuard cloud-based sandboxing service uses behavioral attributes to detect malware by executing it within a virtual environment. This serves as an additional protection layer that complements FortiGate’s existing, award-winning antivirus engine and its unique inline lightweight sandbox. Suspicious files can be submitted automatically to the new hosted service for further scanning without significantly impacting a FortiGate’s performance. In addition, FortiCloud has added a new feature that serves as the online sandboxing portal, which provides detailed status and visibility into the scanned results.
FortiGuard Labs continually investigates and monitors IPs that are compromised or behaving abnormally. The IP reputation service uses a number of different techniques, including historical analysis, honeypots and botnet analysis, to provide immediate protection for FortiGate, FortiWeb and FortiDDoS platforms against wide-scale automated attacks. The service also continuously learns from a global footprint of threat sensors, tracking malicious events to IP addresses in real time.
“Today’s advanced persistent threats are challenging both IT personnel and network security vendors. While the signature approach to malware abatement is not going away overnight, additional dynamic safeguards need to be implemented now in order to effectively combat these threats at all layers in rapid fashion,” said Derek Manky, global security strategist for Fortinet. “The new services announced today offer a strategic approach to detect and respond to breaking threats from numerous attack vectors. Modern threats strike and shift quickly and so should detection.”
One of the biggest challenges in Internet security is how to deal with today’s ever-evolving botnets. In the following free report, FortiGuard Labs researchers explain what botnets are, how they’re used, the people behind them, how cybercrime has evolved into a complex and well-organised hierarchy, and what users can do to fight back.