Outbreaks have been a continued and critical element of 2022—no, not that type of outbreak. We’re talking about FortiGuard Outbreak Alerts.
FortiGuard Outbreak Alerts
During the SolarWinds Orion supply chain attack at the end of 2020, a number of our customers asked us to help them determine whether their Fortinet solutions had protected them against its multiple attack vectors, malware, resulting lateral movement, and command and control activity. While all of this information existed, we wanted to make it more readily available for customers. So, to help our customers more rapidly determine whether they had been protected against an attack and to better enable rapid threat hunting to identify Indicators of Compromise (IoCs) across their network, we developed the FortiGuard Outbreak Alerts and corresponding FortiGuard Outbreak Detection Service.
In the years since, we have enhanced this service to include the following:
- Coverage of the entire Fortinet Security Fabric.
- Alignment with the five functions of the NIST Cybersecurity Framework (CSF): Identify, Protect, Detect, Respond, and Recover.
- Mapping attacks to MITRE ATT&CK threat model, whereby each outbreak is analyzed by FortiGuard Labs to provide a comprehensive view of the tactics and techniques employed by threat actors.
These enhancements enable customers to react quickly to emerging outbreaks with factual, actionable intelligence.
2022 Annual Report
In 2022, FortiGuard IPS and FortiGuard AV/Sandbox blocked three trillion and six trillion hits, respectively, from vulnerabilities, malware, and 0-day attacks. Those hits encompassed several thousand varieties of remote code lifecycle components, including attack execution, cross-site scripting (XSS), the elevation of privilege, denial of service (DoS and DDoS), Trojans, and other exploits.
FortiGuard Labs also alerted customers to numerous critical threats throughout the year based on factors such as proof-of-concept, attack vectors, impact, ease of attack, dependencies, and more.
This annual report covers:
- Over two dozen Outbreak Alerts on critical vulnerabilities, targeted attacks, ransomware, and OT-related threats.
- Highlights of older but commonly targeted CVEs, including classification of these vulnerabilities to provide a clear view of prevalence.
- Real-world data compiled by FortiGuard Labs showing how these vulnerabilities are exploited in the wild.
- Context around the entire attack surface to understand those components that can aid in protection, detection, and response.
Follow this link to the full 2022 Outbreak Alert Report.