Acquisition adds Machine Learning-based threat detection and response capabilities to protect enterprises from insider threats.
Fortinet, a global leader in broad, integrated and automated cybersecurity solutions, has completed the acquisition of ZoneFox Limited, a privately-held cloud-based insider threat detection and response company headquartered in Edinburgh, Scotland.
The acquisition further enhances the Fortinet Security Fabric and strengthens Fortinet’s existing endpoint and SIEM security business by providing customers with:
- Deeper visibility into endpoints and associated data flow and user behaviour, both on and off the network
- Machine Learning capabilities able to distill billions of events per day into high-quality threat leads to uncover blind spots and alert users of suspicious activities
- A unique cloud-based architecture that captures essential data around five core factors – user, device, resource, process and behaviour – to analyse and configure policies easily
- Full forensics timeline recording of information, combined with a simple search interface that helps analysts quickly determine the actions needed to boost an enterprise’s security posture
- A zero-configuration agent that is easy and fast to deploy; the solution can scale up to support over 10,000 agents without performance loss
- Out-of-the-box support for GDPR, ISO 27001, HIPAA and PCI DSS, with ‘ready-to-go’ policies
“Enterprise organisations are experiencing a dramatic increase in the number of endpoints and users accessing data and cloud resources, which is also increasing the need to defend against insider threats”, said Ken Xie, founder, chairman of the board and chief executive officer, Fortinet.
“In fact, 30% of breaches involved insiders acting negligently or maliciously according to the 2018 Verizon Data Breach Investigations Report. By combining ZoneFox’s cloud-based threat-hunting technology with Fortinet’s existing endpoint and SIEM security offerings, we are well positioned to provide our customers with an integrated approach to defend against insider threats, eliminate network blind spots and protect today’s expanding attack surface with automation and Machine Learning.”
The integration of ZoneFox’s award-winning Machine Learning-based threat-hunting technology will complement FortiClient endpoint security to provide endpoint detection and response (EDR) capabilities and will extend FortiSIEM with additional user entity behaviour analytics (UEBA) features, both on-premises and in the cloud. Fortinet expects that the new endpoint security capabilities provided by ZoneFox will allow enterprise organisations to better leverage Machine Learning to detect anomalous behaviour and provide an even faster response to insider threats.
Dr Jamie Graves, Chief Executive Officer and Founder, ZoneFox, said: “We’re pleased to join the Fortinet team and bring together our shared vision of alleviating CISO concerns about insider threats. Integrating our solution with the Fortinet Security Fabric will allow us to extend our reach to a broad spectrum of Fortinet and third-party solutions to solve customers’ most difficult challenges in network security.”
ZoneFox spun out from Edinburgh Napier University in 2009 and grew out of the PhD work of Jamie Graves, then a digital forensics student, and his research supervisor Professor Bill Buchanan, from the university’s School of Computing.
The two were unhappy with the tools available for investigating data breaches, and teamed up to launch an information security software company with the support of Scottish Enterprise.
The ZoneFox product protects business assets from malicious and accidental threats from within a company by monitoring employee behaviour and data flow for abnormal activity.
ZoneFox is used by clients to protect intellectual property by monitoring users in real time for breaches of company policy as well as providing forensic tracking for auditing and investigation.
Dr Graves said he was delighted to join the Fortinet team.
He added: “ZoneFox will always have its roots in Scotland and will remain part of the local Scottish security community to both access and develop talent. I would like to thank everyone who has supported us on the journey so far; Scottish Enterprise, Edinburgh Napier University, our seed and investors Archangels, mentors, customers, colleagues, friends and family.”
Edinburgh Napier’s Professor Bill Buchanan said: “As a spinout from our School of Computing, Jamie has managed to push forward and has developed a world-leading security product.
“Their success also highlights the strength of the innovation infrastructure within Scotland, and especially in Edinburgh. The ready supply of experts in key areas of cybersecurity and in business development has showcased the city as being a leader in supporting the development of technology-driven businesses.”
Professor Andrea Nolan, Principal and Vice-Chancellor of Edinburgh Napier University, said: “This is a perfect example of the difference Edinburgh Napier University makes to our communities and the impact our schools’ research collaborations can have on wider society.
“It is applied and practical evidence of how as a university we can help shape businesses to face the needs of industry both today and in the future.”
Click below to share this article
