Fortinet - Acquisition of enSilo
Digital innovation continues to transform corporate and public networks at an unprecedented pace. And some of the most dramatic areas of innovation are happening at the ever-expanding edges of the network. The number of endpoints and edge devices connected to corporate resources continues to grow exponentially, while remote access to data from these devices is faster and easier than ever. And with the advent of true 5G, edge computing is becoming a larger component of today's expanding networks.
At the same time, new advanced threats targeting endpoints, including fileless malware that runs directly in memory and increasingly targeted ransomware, are putting organisations at increased risk from their endpoints. According to the Verizon Data Breach Investigations Report for 2019, the time from an attacker's first action in a chain of events to the first successful intrusion into an endpoint is typically measured in minutes. However, in 56% of cases, it took months for these activities to be detected.
The response by too many organisations, however, has been to deploy multiple, siloed security products, the majority of which are focused on prevention. But the truth is that 100% prevention is not possible. The result is a fragmented, complicated security architecture that can actually make detection and response more difficult. Because disparate security solutions do not actively participate in centrally coordinated threat activities - including triage, threat intelligence sharing, remediation and forensic analysis - they can actually delay an organisation's ability to detect and respond to threats. The result is not only a slower, less effective response to threats at the endpoint, but a less secure network overall.
What is required is the ability to quickly detect, contain and remediate a threat, as well as share this information throughout the distributed network so that all systems can return to normal as quickly as possible.
Fortinet is therefore expanding its security portfolio with enSilo
To address this growing security challenge, Fortinet today announced it has completed the acquisition of enSilo, a privately held advanced endpoint security company based in San Francisco, California. enSilo uses a robust set of endpoint security tools to prevent attackers from achieving their ultimate goals while preventing damage by automatically containing a threat and stopping data exfiltration and the manipulation of data through ransomware.
According to Ken Xie, Founder, Chairman and CEO of Fortinet, "As businesses have become more connected and operations have moved from the cloud to the edge and Internet-of-Things, the digital attack surface has expanded exponentially and become more complex. To secure them, manual or point security solutions are ineffective in managing or securing these new environments. Instead, security and networking must be integrated to enable advanced threat detection at network speeds. With the acquisition of enSilo, we are adding automated, real-time detection and response to our Fortinet Security Fabric to further protect endpoints and corresponding edge data."
The enSilo suite of endpoint security solutions not only includes automated detection and response, but also the ability to seamlessly integrate with the larger Fortinet Security Fabric framework, further improving visibility and driving enterprise security policies deeper into endpoints. enSilo capabilities include:
- Automated advanced threat protection coupled with incident response services delivered by a team of cybersecurity experts.
- Patented code tracing technologies prevent not only attacks, but also data exfiltration and ransomware. This also helps ensure compliance with PCI, HIPAA and GDPR guidelines.
- Lightweight agent (less than 60MB) provides protection parity for multiple operating systems, including Linux, Windows and macOS.
- Unique coordinated security for the Internet of Things (IoT) through integrated access control and endpoint security features.
- Flexible deployment on-premise and in the cloud and the ability to scale to hundreds of thousands of endpoints, whether inside or outside the network.
Integrated endpoint protection enhances network security
Dave Gruber, senior analyst at Enterprise Strategy Group (ESG), noted, "According to ESG research, 76% of organisations find threat detection and response more difficult today than two years ago. Vendors like Fortinet are addressing this problem by building an integrated security platform across endpoint, network and cloud infrastructures. The move to natively add enSilo's automated EDR capabilities to the Fortinet platform should improve and accelerate alert correlation and lead to faster threat and incident detection."
Prior to this acquisition, enSilo was already a fully integrated member of the Fortinet Security Fabric-Ready Partner Programme. Its endpoint detection and response (EDR) technology was already deployed to complement FortiGate next-generation firewalls, FortiSandbox and FortiClient Fabric Agent, providing an additional detection and enforcement layer to reduce the time it takes to detect, investigate and remediate malicious attacks.
Through this acquisition, Fortinet will now further enhance the effectiveness of enSilo through additional integration with Fortinet's FortiSIEM solution, FortiInsight UEBA (User Entity Behavior Analytics) features and FortiNAC access control solution. This gives organisations superior endpoint visibility and tightly coordinated, dynamic control of network, user and host activity, and allows them to seamlessly extend security across their entire distributed network, from their endpoints to their multi-cloud, core network, branch office and other remote edge locations.
Fully integrated edge security is essential for today's networks
The modern network is characterised by the rapid expansion of the network edge. New IoT and endpoint devices, supported by high performance, robust functionality and new business applications, have expanded the potential attack surface. This, in turn, has raised the bar for a fully integrated security solution that no longer operates in isolation and can expand visibility into these emerging edges. The integration of enSilo further strengthens Fortinet's integrated security portfolio with broader EPP and EDR capabilities that protect the customer's network edge.