Skip to content Skip to navigation Skip to footer
Overview
Case Studies & Reviews
Resources

Overview

FortiRecon Digital Risk Protection (DRP), a SaaS-based service, includes Attack Surface Management, Brand Protection, and Adversary Centric Intelligence (ACI). Part of the Fortinet SecOps platform, FortiRecon shows what adversaries are seeing, doing, and planning. This helps you counter attacks at the reconnaissance phase and significantly reduce the risk, time, and cost of later-stage threat mitigation.

Get a 3-in-1 Threat Intelligence Service with Single Platform, Centralized Visibility

FortiRecon provides complete visibility into your internal and external attack surfaces and risk exposure. It identifies exposed, vulnerable known and unknown assets and prioritizes remediation. Brand Protection detects and remediates (takes down) cyber-related risks to your brand (fraudulent websites, social media impersonations, rogue mobile apps). Dark web monitoring delivers curated threat intelligence pertinent to your organization, vendors, geo, and sector.

Read the blog

Avoid Blind Spots in Security Monitoring with FortiRecon ASM

FortiRecon alerts on external and internal weak points that attackers can exploit to access your network and move laterally. It continuously monitors and identifies internet-facing unmanaged, vulnerable, and misconfigured assets, security certificate issues, leaked credentials, and vulnerable internal assets. This helps you gain control over all assets. You can prioritize remediations and proactively optimize defenses based on risk exposure, potential and current attacks on software vendors, vulnerabilities exploited in the wild, and more.

Watch Now

Identify and Stop Brand Threats in Their Tracks with FortiRecon Brand Protection

Continually monitors the organization’s external brand reputation for typosquatting, rogue applications, phishing campaigns, and brand impersonations via websites and social media, which may impact brand value, integrity, and trust. The service also monitors high-value targets within the organization using Executive Monitoring to identify issues like account takeovers, darknet mentions, social media threats, and stealer infections, which may be used by threat actors in targeted attacks. Takedown service is available for disrupting brand attacks.

Go Beyond Pure Threat Intel Feeds with FortiRecon Dark Web Monitoring

FortiRecon ACI uses a powerful combination of artificial intelligence, machine learning, and HUMINT. FortiGuard Labs’ cybersecurity experts provide unrivaled, organization-specific and expertly curated dark web, open source, and technical threat intel, including threat actor insights, and past/potential ransomware attacks on your organization or supply chain vendors. The experts enhance the offering with guidance on prioritizing remediation efforts, and also detect evidence of attacks in process. With this type of info, it is exceedingly easier to act fast and remediate threats quickly.

Features and Benefits

Supply-Chain Vendor Risk Assessment    

Continuously monitors vendor risks including attack surface exposure, ransomware incidents, leaked data

Identification & Mitigation of Brand Attacks

Alerts and takes down threats to your brand such as fake websites, mobile apps, social media accounts

Continuous Internal & External Asset Discovery

Discovers and maps exposed assets that can be exploited by attackers

Simplified Remediation Workflows

Integrates SIEM and SOAR for risk and threat intel correlation and orchestrated response

Takedown Services

Provides rapid response using FortiGuard Labs’ takedown services

Card-Fraud Monitoring

Provides info on credit/debit cards for sale on darknet marketplaces including breach info, images

FortiRecon Use Cases

Vulnerability Intelligence and Prioritization
Monitors and reports on vulnerabilities and exploits being actively used and discussed on the dark web
Ransomware Intelligence
Monitors ransomware threat actors’ activities and reports on relevant past and potential targets and TTPs
MITRE ATT&CK View
Maps detections to MITRE ATT&CK framework, provides accurate picture of the TTPs attackers can use or are currently using against you
Actionable Threat Insights
Delivers early warning on risks to your brand, enterprise assets, supply chain vendors, and software
Reduced SOC Overhead
Delivers threat intelligence tailored to your organization, gives early warning of adversarial activity
Far-Reaching Threat Sources
Discovers current/potential threats with dark web, Pastebin, forum, market, and OSINT monitoring by FortiGuard Labs experts

Case Studies

Hong Kong Broadband Network Group (HKBN)
Hong Kong ICT Powerhouse Deploys Fortinet FortiRecon to Detect, Prevent, and Remediate Cyberattacks at the Earliest Possible Stage

Resources

Data Sheets
Blog
Podcast
Solution Briefs
Threat Reports
Threat Intelligence
Videos
Webinars
FortiRecon Ordering Guide »

FortiRecon Ordering Guide

FortiRecon Datasheet »

FortiRecon Datasheet

Key Findings from the 2H 2023 FortiGuard Labs Threat Report »

In this report, we examine the cyberthreat landscape in 2H 2023 to identify trends and offer insights on what security professionals should know.

Proactively Detect and Respond to External Threats Using FortiRecon Digital Risk Protection Service »

FortiRecon, Fortinet’s Digital Risk Protection (DRP) SaaS-based service, can help. It combines three technologies and services—External Attack Surface Management, Brand Protection, and Adversary Centric Intelligence—to help you proactively protect your digital assets and data from external threats.

Guidance On an Ongoing Hacktivist Operation #Opspatuk Conducted by The Malaysian Hacktivist Threat Group 'DragonForce' Against Indian Organizations »

The 'OpsPatuk' operation began on June 6, 2022. That’s when the Malaysian hacktivist group known as DragonForce began targeting India in retaliation for controversial comments made by a BJP spokesperson.

Tech Bytes: Fortinet’s FortiRecon Customizes Digital Risk Protection »

Welcome to the Tech Bytes podcast. We’re talking security reconnaissance with sponsor Fortinet. We drill into FortiRecon, a service that can provide critical information, personalized for your organization, about potential threats to company assets, employees, and customers. Our guest is Karin Shopen, VP of Cybersecurity Solutions and Services at Fortinet.

Global Threat Landscape Report, 2H 2023 »

FortiGuard Labs Global Threat Landscape Report offers a snapshot of the active threat landscape and highlights the latest industry trends.

Global Threat Landscape Report, 1H 2023 »

FortiGuard Labs 1H 2023 Global Threat Landscape Report provides valuable intelligence and early warning for potential threat activity.

Global Threat Landscape Report, 2H 2022 »

New vulnerabilities are on the rise, but don’t count out the old. Don’t become a statistic - get the latest Global Threat Landscape report.

Ransomware-as-a-Service Programs and Their Ecosystems »

The report covers protection recommendations for IT and OT organizations for ransomware observed during Q2 2022.

Darknet Trends for Q2 2022 »

The report covers protection recommendations for IT and OT organizations for darknet activity observed during Q2 2022.

Extend Threat Intelligence Outside the Perimeter »

FortiRecon delivers easy-to-understand, high-value threat intelligence on attacker-exposed vulnerable assets and threat actors’ activities, tools, and tactics. The service identifies brand impersonations and monitors ransomware and data breach leaks related to your organization and supply chain or third-party vendors. This enables you to take proactive steps to remediate and execute takedowns to minimize risk and exposure.

Security Automation Summit: Extend Threat Intelligence Outside the Perimeter »

Malicious actors are constantly launching cyberattacks, leveraging vulnerable internet-facing assets, domain infringement, phishing websites, rogue mobile apps, fake social media accounts, and more. The earlier you can view what adversaries are seeing, doing, and planning, the faster you can adjust your security posture and respond.

FortiRecon: External Threat Detection and Protection »

FortiRecon provides organization-specific, expert-curated and actionable External Attack Surface (EASM) intelligence, identifies threat actors’ activity and brand infringement, and monitors ransomware data leaks, to proactively help remediate and execute takedowns or purchase the stolen data on an organization’s behalf. In this session, SVP Product Technology & Solutions, Carl Windsor, introduces FortiRecon, Fortinet’ Digital Risk Protection (DRP) service, using key case studies and real-life business scenarios.

FortiRecon Brand Protection »

FortiRecon Brand Protection, part of FortiRecon Digital Risk Protection (DRP) service, continuously monitors the organization’s digital footprint for unauthorized changes, typosquatting, rogue applications, credential leaks, brand impersonation on social media, and web-based phishing attacks, which may impact brand value, integrity, and trust.

FortiRecon External Attack Surface Management (EASM) »

FortiRecon External Attack Surface Management, part of FortiRecon Digital Risk Protection (DRP) service, identifies exposed known and unknown enterprise assets and associated vulnerabilities across the company, subsidiaries, and new acquisitions. It discovers servers, credentials, public cloud misconfigurations, and even third-party partner software code vulnerabilities that could be exploited.

FortiRecon AdversaryCentric Intelligence (ACI) »

FortiRecon Adversary Centric Intelligence (ACI), part of FortiRecon Digital Risk Protection (DRP) service, provides curated, relevant and contextual insights into an organization's imminent threats, enabling them to respond faster to incidents, better understand their attackers, and safeguard their assets.

How to Win the Reconnaissance Phase »

Join us to watch a demo of how FortiRecon provides organizations with a view of what adversaries are seeing, doing, and planning.

FortiRecon News

Free Product Demo

Find how to counter attacks via attack surface management, brand protection, and dark web monitoring with a self-guided demo

What to Expect:

  • Learn how to identify emerging threats to your digital assets, supply chain, and brand
  • See how to prioritize remediation based on exposure
  • Find out how to detect and take down cyber risks

Quick Links

Free Product Demo

Explore key features and capabilities, and experience user interfaces.

Resource Center

Download from a wide range of educational material and documents.

Free Trials

Test our products and solutions.

Contact Sales

Have a question? We're here to help.