Introduction
FortiRecon is a Digital Risk Protection (DRP) service that operates alongside existing security solutions to provide you with both external and internal visibility into your infrastructure. This holistic view allows you to see your environment as an adversary would, enabling swift detection and mitigation of potential threats. The service maps your organization's digital footprint, both external and internal, while constantly monitoring it for abnormal activity. The service gives organizations the intelligence to mitigate credible security threats in a controlled manner as part of ongoing security efforts.
FortiRecon scans the organization's attack surface and identifies risks to assets across both external and internal domains while FortiGuard Threat Intelligence delivers early warning of risks to the organization through targeted, curated intelligence to provide an early warning of any malicious activity targeted to the organization.
The FortiRecon portal includes the following modules:
|
Overview |
The Overview module provides a centralized view of your organization's digital risk posture across Attack Surface Management (ASM), Brand Protection (BP), and Adversary Centric Intelligence (ACI) modules. Discovered issues are mapped to relevant MITRE ATT&CK techniques and sub-techniques, providing a valuable framework for understanding attacker motivations and potential attack paths. See Overview. |
| Attack Surface Management |
The External Attack Surface Management (EASM) module provides an adversary’s view of the organization digital attack surface and prioritizes risks and exposures, enabling administrators to mitigate threats in a controlled manner before the threats become a problem. See EASM. |
|
The Internal Attack Surface Management (IASM) module provides visibility into internal network, identifying vulnerabilities within the organization's perimeter. It helps administrators discover internal assets, assess associated risks, and take mitigation steps. See IASM. |
|
| Brand Protection |
The Brand Protection (BP) module continually monitors the organization’s public-facing visibility for unauthorized changes, including web-based phishing attacks, typo-squatting, rogue applications, credential leaks, and brand impersonation in social media, which may impact brand value, integrity, and trust. See Brand Protection. |
| Adversary Centric Intelligence |
The Adversary Centric Intelligence (ACI) module leverages FortiGuard Threat Analysts to provide comprehensive coverage of dark web, open source, and technical threat intelligence, including threat actor insights. This information enables administrators to proactively assess risks, respond faster to incidents, better understand their attackers, and protect assets. See Adversary Centric Intelligence. |
| Profile Settings |
The Profile Settings module allows you to personalize your FortiRecon account and provide information on your organization. See Profile settings. |
|
FortiRecon APIs are available on the Fortinet Developer Network (FNDN). You must first register an account on FNDN to gain access. |