Fortinet Tackles Insider Threats with ZoneFox Acquisition

Cybersecurity solutions provider Fortinet today announced that it has completed the acquisition of insider threat detection and response company ZoneFox.

Fortinet provides large enterprises, service providers, and government organizations worldwide with intelligent, seamless protection. Earlier this year, the company, which claims more than 360,000 customers, revealed a new machine learning (ML) threat intelligence and detection offering.

The Edinburgh, Scotland-based, privately-held ZoneFox is focused on combating insider threats through reducing the risk of data theft, leakage and misuse. The company provides actionable insights around user behavior and data flow, from both on and off the corporate network.

With the new acquisition, Fortinet looks to enhance the Fortinet Security Fabric and strengthen its existing endpoint and SIEM business.

Through this deal, the company aims at providing customers with deeper visibility into endpoints and associated data flow and user behavior, and an easy and fast to deploy zero-configuration agent that can scale up to support over 10,000 agents.

Machine learning should help process billions of events per day and discover suspicious activities, while Fortinet’s cloud-based architecture can capture essential data around user, device, resource, process, and behavior.

Furthermore, customers will benefit from full forensics timeline recording of information, while a simple search interface will help analysts quickly determine the actions needed. Out-of-the-box support for industry-wide policies and regulations is also available.

ZoneFox’s machine learning-based threat-hunting technology will complement FortiClient endpoint security, Fortinet says. Thus, the company will provide endpoint detection and response (EDR) and will also add more user entity behavior analytics (UEBA) features to FortiSIEM.

“Fortinet expects that the new endpoint security capabilities provided by ZoneFox will allow enterprise organizations to better leverage machine learning to detect anomalous behavior and provide an even faster response to insider threats,” the company says.

This is the second acquisition Fortinet makes within four months, after acquiring Boston-based network security firm Bradford Networks in July.

Related: The Gold Standard Insider Threat Program