Outbreak Detection Service
FortiAnalyzer Outbreak Detection Service provides timely outbreak reports and event handlers, enabling analysts to identify, classify, mitigate, and validate their security posture against widespread evolving threats. By leveraging automated detection and reporting, organizations can improve their efficiency and strengthen defenses across their networks.
FortiClient Outbreak Detection Service identifies assets with critical or high vulnerabilities that are being actively targeted by attackers. By delivering visibility into unpatched assets, the prime targets for exploitation, FortiClient helps organizations proactively detect, mitigate, and harden their systems.
FortiOS Security Rating manages your organization's security maturity roadmap while leveraging actionable Configuration Recommendations and Key Performance/Risk Indicators to target Security Maturity level improvements. Build leadership and business confidence by demonstrating effective critical asset protection and compliance with regulatory standards.
FortiSIEM empowers organizations to detect and investigate security events using advanced detection models, correlating asset and application logs and generating actionable incidents for investigation. With FortiSIEM Analytics, organizations can query and report on historical data, uncovering trends, anomalies, and potential risks to strengthen their security posture while improving mitigation strategies.
FortiSOAR Outbreak Response lets you get ahead of the curve with up-to-the-minute intelligence on the latest cybersecurity threats targeting organizations, assets, and platforms worldwide. Empower your team to leverage automation and orchestration to take control and fortify your systems against emerging risks with our robust Threat Hunt Rules.
FortiDeceptor Vulnerability Outbreak Support
FortiDeceptor's advanced outbreak feature leverages decoys to simulate newly disclosed vulnerabilities, attracting and detecting malicious activity early in the attack chain. When FortiGuard Labs identifies a new vulnerability, it automatically updates the Outbreak decoy with a vulnerability emulator (no software update required), ensuring rapid response to emerging threats.
AUTOMATED REPORTS
Receive real-time outbreak reports to quickly assess and respond to emerging threats.
THREAT DETECTION
Identify and track outbreaks with intelligent, automated detection capabilities.
MULTI-LAYERED SECURITY
Strengthen defenses with layered security insights across your network environment.
CONTEXT-DRIVEN DECISIONS
Make informed decisions with actionable, outbreak-specific intelligence.
EXTENDED VISIBILITY
Gain expanded visibility into potential vulnerabilities and security gaps.
FORTICLIENT EMS OUTBREAK ALERT RULES
Helps protect your network from outbreaks by tagging endpoints that have a vulnerable application installed that is tied to an outbreak.
AUTOMATED RESPONSE
Detects and isolates compromised endpoints.
ENDPOINT HARDENING
Enables vulnerability scanning with automated patching, software inventory, and app firewall for better security.
IOC-BASED DETECTION
Identifies endpoints targeted in the wild using updated Indicators of Compromise (IOCs).
EXTENDED ENDPOINT VISIBILITY
Provides insights into endpoints with unpatched vulnerabilities or signs of compromise.
ASSESS AND RATE YOUR SECURITY POSTURE
Evaluate your security maturity and effectiveness with measurable insights.
EXPANDED VISIBILITY
Expand visibility of your attack surface, including IoT devices.
RISK AVOIDANCE
Identify and resolve configuration issues and vulnerabilities before they lead to a problem.
ACTIONABLE GUIDANCE
Generates clear guidance for addressing gaps and areas of risk.
MEASURE COMPLIANCE AND PERFORMANCE
Track key performance indicators to demonstrate compliance and effective asset protection.
CUSTOM OUTBREAK DETECTION RULES
Applied to logs to look for patterns or correlations across multiple log entries and create incidents for investigation.
CONTEXT-DRIVEN DECISIONS
Gain actionable insights with real-time incident data and intelligent correlation.
EXTEND VISIBILITY
Enhance visibility across devices, applications, and network environments.
HISTORICAL ANALYTICS
Query and report on historical data to identify patterns, trends, and missed incidents.
AUTOMATED INCIDENT MANAGEMENT
Streamline detection, investigation, and response workflows for faster remediation.
ROBUST THREAT HUNTING
Leverage IOC-based hunting, Fabric Rules, Sigma Rules, and YARA Rules to proactively detect and neutralize emerging threats.
AUTOMATED PLAYBOOKS
Streamline and automate response workflows to fortify systems and reduce response time.
VISUALIZE THE THREAT LANDSCAPE
Gain a clear, real-time view of security events and evolving cyber risks across your environment.
CONTEXT-DRIVEN DECISIONS
Make informed, actionable decisions with centralized intelligence and detailed threat insights and data enrichment.
MITIGATION AND REMEDIATION
Provides precise guidance from FortiGuard Labs and links to the patch for further analyst investigation.
DYNAMIC DECEPTION
Network visibility and breach detection via passive footprint. Detects threats to assets that cannot provide their own telemetry.
RANSOMWARE MITIGATION
Early detection and response to ransomware attacks. Misleads malware to encrypt fake files, triggering automatic blocking of the infected endpoint.
LATERAL MOVEMENT DETECTION
Detects attackers early in the discovery phase and misdirects lateral activities to the decoy and away from real assets.
FORENSICS & THREAT INTELLIGENCE
Captures and analyzes attack activity in real time, provides detailed forensics, and collects IOCs & TTPs.
INSIDER THREAT DETECTION
Reduces dwell time and false positives; detects early reconnaissance & lateral movement and misdirects the attack.
Version Updates
Version | Updated | Notes
2.00092 | 1 month ago | Added (0)
1.00038 | 1 month ago | Added (0)
3.92000 | 4 months ago |
4.79000 | 1 month ago |
5.56000 | 1 month ago |
1002 | 1 month ago | Added (0)
20260211 | 4 weeks ago | Added (0)
FortiGuard Expert Services
FortiGuard SOC-as-a-Service
Provides 24x7 Monitoring and Incident Management
FortiGuard Incident Response Services
Experienced a Breach? We're here to help
Frequently Asked Questions
An Outbreak Alert is a comprehensive report that provides in-depth insight into cybersecurity threats, serving as a vital tool for organizations to stay informed about critical and/or emerging cybersecurity risks that may compromise sensitive data, disrupt business operations, and pose significant risk to the organization's overall security.
Each report helps customers understand the background of the attack, the timeline of events, the affected technologies, and related threat intelligence such as Indicators of Compromise (IoCs), Tactics, Techniques, and Procedures (TTPs), and the attack sequence used by the adversaries.
The FortiGuard Outbreak Alerts provide context around the entire attack surface and help clarify which Fortinet product or service can aid in the Protection, Detection, Response, Recovery, and Identification of the threat.
The new Threat Radar combines FortiGuard telemetry with the external threat landscape. This combination provides a holistic rating of the cyber threat. Users may use the Threat Radar values in conjunction with other vulnerability management processes to make informed decisions about patching, mitigation, and defense strategies. A higher value suggests a higher priority for remediation efforts and actionable intelligence, as it represents a more immediate or severe threat.
When an outbreak has multiple CVEs, we use the highest possible value from each CVE when creating the Threat Radar. This anticipates the outbreak threat level relative to each related CVE.
The Exploit Prediction Scoring System (EPSS), provided by FIRST, is a data-driven effort for estimating the likelihood (probability) that a software vulnerability will be exploited in the wild. The higher the value, the greater the likelihood of exploitation. EPSS scores on Outbreak are processed every day. To learn more, visit: https://www.first.org/epss/
Anyone can subscribe to receive the FortiGuard Outbreak Alert report using the link below and signing up with your email address. https://www.fortinet.com/fortiguard/labs
Customers using FortiAnalyzer may subscribe to the Outbreak Detection Service, which delivers the outbreak reports plus real-time updated event handlers and reports that check the customer environment (logs) for any triggers associated with the outbreak. FortiAnalyzer can then raise incidents and generate reports for customer SOC teams to investigate further or take remediation action. Other products also support automated Outbreak Detection Services, including pre-built decoys for FortiDeceptor, automated security rating packages for FortiGate, targeted threat hunting for FortiSIEM, endpoint tagging rules for FortiClient, and playbook response packages for FortiSOAR.