ディセプションのプラットフォーム

Security operations requirements, like threat detection and response, continue to grow more challenging each year. According an Economic Validation report from TechTarget’s Enterprise Strategy Group, it can take 168 hours or more, on average, to identify threats, while many threats are never detected.1 Therefore, CISOs should consider deception technology for improving threat detection and response. Modern deception technology like FortiDeceptor combines the historical value of deception technology with ease of use, automation, and actionable intelligence—creating an active defense. These benefits are especially important for organizations with limited security staff and skills and those merging IT and OT.

Improved Security Team Operational Efficiency and Reduced Risk to the Organization, Each by Up to 99%

Deception can provide value across the attack chain by not only deceiving adversaries, but also detecting, enabling forensics data, or even helping with real-time mitigation.

Protecting business-critical data is becoming increasingly complex—and by extension, increasingly relevant for today's organizations. One critical element of this evolution is their increasing reliance on, and hyperconnectivity across foundational technologies such as data centers, cloud platforms, SaaS applications, and broadly adopted software vendors like Microsoft and SAP.

Deception technology should be fully integrated with NGFW, NAC, SIEM, Sandbox, SOAR, and EDR solutions to automate the mitigation response based on ransomware detection. By combining deception technology with a comprehensive security platform, organizations will be able to detect and respond to attacks, such as ransomware, long before they can achieve their malicious goals.

フォーティネット製品一覧 | FortiGateをはじめとする代表的な製品と仕様

外部・内部脅威の検知とレスポンスの自動化 | FortiDeceptor Rugged 100G / 1000G / VM

FortiDeceptor Ordering Guide

Today on the Tech Bytes podcast we’re talking deception. That is, deceiving attackers that try to exploit your network by creating fake assets and infrastructure. Sponsor Fortinet is here to talk about using deception techniques to spot intruders via its FortiDeceptor product. We’ll also talk about threat reconnaissance capabilities of a product called FortiRecon. Our guest is Moshe Ben Simon, VP of Product Management.

FortiDeceptor is a simple-to-use, non-intrusive solution that provides early detection of threats that target OT and IT environments. By deploying decoys and honeytokens, FortiDeceptor automates the containment of cyberattacks before serious damage occurs.

With FortiDeceptor-as-a-Service, you can leverage advanced deception technologies to deceive attackers into engaging with fake assets, data, and applications.

統合型防御：EDR、NDR、ディセプションテクノロジーを組み合わせて早期の脅威検知とレスポンスを実現

Whether a security breach happens due to an external or internal attack, it can take months for an organization to discover the breach and begin remediation.

Moshe Ben Simon makes the case and provides examples of how deception technologies can be used in OT systems. This can delay the attacker and give the defender more time to detect and respond to the attack before the attacker succeeds. Deception also provides a high fidelity signal since no one should access the deception device or system.

In operational technology environments, safety and continuity are crucial considerations—but traditional security controls simply won’t protect OT infrastructure, much of which wasn't designed to combat today’s fast-evolving threats. With air gaps between IT and OT decreasing and OT/IT devices often deployed in the same segment, bad actors have increased opportunities to move laterally across IT/OT infrastructures.

FortiDeceptor, Fortinet’s innovative, non-intrusive, agentless OT/IT/IoT deception solution is a force multiplier to current security defenses, providing early detection and response to active in-network threats. The FortiDeceptor decoys generate high-fidelity, intelligence-based alerts that result in an automated incident response to help stop zero-day attacks. In this session, VP Product Management, FortiDeceptor, Moshe Ben Simon, provides valuable tips and insights on how to use deception for early breach detection and protection against cyber threats across the IT/OT environment.

Fortinet's FortiDeceptor is a Distributed Deception Platform (DDP), simulating various types of IT, OT, ICS, and IoT decoys, as well as critical applications (e.g. ERP/SAP, etc.).

Verizon's 2018 DBIR reports two-thirds of breaches come from external attacks while the remaining are from insider threats. FortiDeceptor is built to deceive and redirect both external and internal attacks to a network of decoys. It exposes these reconnaissance attacks and eliminates them, disrupting the entire kill chain before it even begins.

Proactive Cybersecurity for Operational Technology

Fortinet Accessibility Conformance Report