FortiRecon is a SaaS-based Continuous Threat Exposure Management (CTEM) service that provides comprehensive visibility into internal and external attack surfaces and risk exposure. The service consists of three main components: 1. Attack Surface Management (ASM): Continuously monitors and identifies internet-facing unmanaged, vulnerable, and misconfigured assets, security certificate issues, leaked credentials, and vulnerable internal assets. It helps organizations gain control over all assets and prioritize remediation based on risk exposure. 2. Brand Protection: Monitors an organization's external brand reputation for threats such as typosquatting, rogue applications, phishing campaigns, and brand impersonations via websites and social media. It includes Executive Monitoring to identify issues like account takeovers, darknet mentions, and social media threats. The service offers takedown capabilities to disrupt brand attacks. 3. Adversary Centric Intelligence (ACI): Provides organization-specific and curated dark web, open source, and technical threat intelligence. This includes threat actor insights, potential ransomware attacks on the organization or supply chain vendors, and evidence of attacks in process. FortiRecon integrates with SIEM and SOAR systems for risk and threat intelligence correlation and orchestrated response. It maps detections to the MITRE ATT&CK framework to provide an accurate picture of the tactics, techniques, and procedures attackers might use. The service also monitors supply chain vendor risks, including attack surface exposure, ransomware incidents, and leaked data. As part of the Fortinet SecOps platform, FortiRecon aims to help organizations counter attacks at the reconnaissance phase to reduce the risk, time, and cost of later-stage threat mitigation.