Fortinet black logo

Release Notes

Home FortiEDR/XDR 5.2.0 Release Notes
5.2.0
6.2.0
6.0.0
5.2.1
5.2.0
5.1.0
5.0.3
5.0.2
5.0.1
4.2.2
4.1.1
4.1.0

GA build (Central Manager and Core - Build 2040, Threat Hunting Repository - Build 2036)

GA build (Central Manager and Core - Build 2040, Threat Hunting Repository - Build 2036)

The FortiEDR 5.2.0 GA build includes the following features:

FortiEDR Connect (Remote Shell)

This new capability enables direct access to FortiEDR-protected devices through a remote shell connection. It enables authorized users to quickly investigate, collect data and remediate devices from the Central Manager Console. The feature includes a variety of built-in commands, or you can choose to upload and run custom scripts on the device. This capability requires the use of a v5.2 Windows Collector.

Enhanced Application Control Options

It is now possible to block applications in order to reduce the attack surface based on a richer set of application attributes, including application name, path and certificate. This capability requires the use of a v5.2 Windows Collector.

eXtended Pre-Canned Integrations

The new FortiEDR version expands built-in integration with 3rd-party security network systems. These out-of-the-box connectors make it easy to configure FortiEDR playbook to automatically trigger incident response actions in external systems as the result of a security event detected by FortiEDR.

Threat Hunting Data Retention Visibility

The estimated data retention period is now displayed on the Central Manager Console, which makes it easier to make decisions about managing data collection. It also exposes the need to add additional threat hunting repository storage add-ons when the retention period becomes short.

Japanese Localization of FortiEDR Console

A fully localized version of the FortiEDR Central Manager Console is now available in Japanese. This localized console can help Japanese organizations manage their endpoint protection more efficiently.

Syslog Additions

Syslog event messages have been enriched with recommended remediation details, MITRE techniques, and further events data.

Refer to Central Manager - Build 2040 for a list of resolved issues for this build.

Previous
Next

GA build (Central Manager and Core - Build 2040, Threat Hunting Repository - Build 2036)

The FortiEDR 5.2.0 GA build includes the following features:

FortiEDR Connect (Remote Shell)

This new capability enables direct access to FortiEDR-protected devices through a remote shell connection. It enables authorized users to quickly investigate, collect data and remediate devices from the Central Manager Console. The feature includes a variety of built-in commands, or you can choose to upload and run custom scripts on the device. This capability requires the use of a v5.2 Windows Collector.

Enhanced Application Control Options

It is now possible to block applications in order to reduce the attack surface based on a richer set of application attributes, including application name, path and certificate. This capability requires the use of a v5.2 Windows Collector.

eXtended Pre-Canned Integrations

The new FortiEDR version expands built-in integration with 3rd-party security network systems. These out-of-the-box connectors make it easy to configure FortiEDR playbook to automatically trigger incident response actions in external systems as the result of a security event detected by FortiEDR.

Threat Hunting Data Retention Visibility

The estimated data retention period is now displayed on the Central Manager Console, which makes it easier to make decisions about managing data collection. It also exposes the need to add additional threat hunting repository storage add-ons when the retention period becomes short.

Japanese Localization of FortiEDR Console

A fully localized version of the FortiEDR Central Manager Console is now available in Japanese. This localized console can help Japanese organizations manage their endpoint protection more efficiently.

Syslog Additions

Syslog event messages have been enriched with recommended remediation details, MITRE techniques, and further events data.

Refer to Central Manager - Build 2040 for a list of resolved issues for this build.

Previous
Next