FortiRecon
FortiRecon is a SaaS-based Continuous Threat Exposure Management (CTEM) service that provides comprehensive visibility into internal and external attack surfaces and risk exposure. The service consists of three main components: 1. Attack Surface Management (ASM): Continuously monitors and identifies internet-facing unmanaged, vulnerable, and misconfigured assets, security certificate issues, leaked credentials, and vulnerable internal assets. It helps organizations gain control over all assets and prioritize remediation based on risk exposure. 2. Brand Protection: Monitors an organization's external brand reputation for threats such as typosquatting, rogue applications, phishing campaigns, and brand impersonations via websites and social media. It includes Executive Monitoring to identify issues like account takeovers, darknet mentions, and social media threats. The service offers takedown capabilities to disrupt brand attacks. 3. Adversary Centric Intelligence (ACI): Provides organization-specific and curated dark web, open source, and technical threat intelligence. This includes threat actor insights, potential ransomware attacks on the organization or supply chain vendors, and evidence of attacks in process. FortiRecon integrates with SIEM and SOAR systems for risk and threat intelligence correlation and orchestrated response. It maps detections to the MITRE ATT&CK framework to provide an accurate picture of the tactics, techniques, and procedures attackers might use. The service also monitors supply chain vendor risks, including attack surface exposure, ransomware incidents, and leaked data. As part of the Fortinet SecOps platform, FortiRecon aims to help organizations counter attacks at the reconnaissance phase to reduce the risk, time, and cost of later-stage threat mitigation.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A solution that discovers, analyzes, and helps remediate vulnerabilities across an organization's external digital attack surface by identifying and monitoring internet-facing assets.
A platform that maps enterprise attack surfaces by consolidating asset inventory, prioritizing vulnerabilities based on exposure, and providing contextual visualization of security risks.
StrikeOne is a vulnerability management platform with AI capabilities that helps organizations identify, prioritize, and remediate security vulnerabilities through attack surface management, vulnerability management, and cybersecurity posture assessment.
An attack surface management platform that discovers, maps, and monitors an organization's external digital assets to identify vulnerabilities and security weaknesses before they can be exploited.
A threat exposure management platform that unifies security operations by discovering assets, prioritizing vulnerabilities based on risk, and providing guided remediation across an organization's attack surface.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
XRATOR is a cybersecurity platform that continuously identifies vulnerabilities, assesses business risks, and manages security posture to align with strategic objectives and compliance requirements.
A free online service that scans the dark web for exposed credentials and sensitive data associated with specific domains or email addresses.
DeTCT is a digital risk discovery and protection platform that monitors attack surfaces, vulnerabilities, data leaks, brand impersonation, and third-party risks to help organizations manage their cyber risk posture.
PINNED
Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.