To avoid slow-downs, traditional sandboxing solutions let suspicious files pass into the organization while analysis for threats occurs offline. Then, if the file comes back as malicious, security teams have to scramble to find the malware as it moves deeper into the organization.
FortiGuard introduces the inline sandbox to hold suspicious files - without performance impact - by leveraging the cloud-scale malware analysis environment. Only files that have been analyzed and determined to be safe are let into the network.
The Inline Sandbox Service attaches to a number of Fortinet products, integrating across the Security Fabric, covering the network, endpoint, email, and more.
Fast to verdict
Machine learning and deep learning models enhance static and dynamic malware analysis and code analysis, supervised by FortiGuard Labs
Inline blocking
Inline sandboxing holds suspicious files, leveraging the cloud-scale malware analysis environment
Broad integration
Zero-day threat protection is extended to a next-generation firewall, secure email gateway, and endpoint protection platform
Accelerated threat investigation
Built-in MITRE ATT&CK matrix identifies a variety of malware techniques
Unified IT/OT zero-day threat protection
Protects both IT and OT environments and assets from malware with one solution
Unburdens security teams
Blocking unknown malware at the firewall, client, and mail levels results in fewer incidents and less time spent on investigation and mitigation.