Indicators of Compromise
FortiGuard Labs collects Indicators of Compromise (IoCs) and combines them into a package on a daily basis for delivery to Fortinet products via the FDN (FortiGuard Distribution Network). For example, the FortiAnalyzer product can use the IOC package to alert on suspicious or infected hosts in the network.
Submitted samples are processed daily to extract IOCs
Security analysts in the FortiGuard labs tirelessly search and hunt for threats around the globe
Threat sharing agreements with governments, CERTs and strategic vendors around the globe.
FortiGuard Labs collects indicators of compromise (IOCs) by a variety of methods. The following are some examples:
Machine Learning
ML techniques are used to capture IOCs (indicators of compromise) such as malicious IP addresses, domains and URLs.
Global Sensors
Millions of sensors deployed around the globe, consisting of participating customer devices, honeypots and deception decoys, pick up early signals of compromise in the global cyber space.
Web Crawlers
Fortinet proprietary web crawlers armed with Artificial Intelligence crawl the Internet looking for malicious sites.
Threat Exchange
Fortinet has 200+ threat sharing agreements with governments, CERTs and strategic vendors around the globe.
Community Submissions
Participating customers submit new threats to Fortinet for analysis. The submission is either manual or through Fortinet Cloud Sandbox technology. On a daily basis, FortiGuard Labs executes 500,000+ malware samples to extract IOCs.
Human Analysis
200+ Security analysts in the FortiGuard labs tirelessly search and hunt for threats around the globe
Hacker Sites/Forums
Troll the underground/darknet to uncover zero-day threat events.