Fortinet Mitre Enterprise Mitigation Reference Table
| Mitigations | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact | |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Advance Threats | |||||||||||||
FortiSandbox
|
Threat Intelligence Program | ||||||||||||
| Restrict Web-Based Content | |||||||||||||
| Network Intrusion Prevention | |||||||||||||
| Filter Network Traffic | |||||||||||||
| Execution Prevention | |||||||||||||
| Behavior Prevention on Endpoint | |||||||||||||
| Application Isolation and Sandboxing | |||||||||||||
| Antivirus/Antimalware | |||||||||||||
| Exploit Protection | |||||||||||||
FortiAI
|
Execution Prevention | ||||||||||||
| Behavior Prevention on Endpoint | |||||||||||||
| Application Isolation and Sandboxing | |||||||||||||
| Antivirus/Antimalware | |||||||||||||
FortiDeceptor
|
Network Segmentation | ||||||||||||
| Network Intrusion Prevention | |||||||||||||
| Limit Access to Resource Over Network | |||||||||||||
| Filter Network Traffic | |||||||||||||
| Exploit Protection | |||||||||||||
FortiInsight
|
Account Use Policies | ||||||||||||
| Behavior Prevention on Endpoint | |||||||||||||
FortiAnalyzer (IOC)
|
Threat Intelligence Program | ||||||||||||
| Network Hygiene | |||||||||||||
Intrusion Prevention
|
SSL/TLS Inspection | ||||||||||||
| Restrict Web-Based Content | |||||||||||||
| Network Intrusion Prevention | |||||||||||||
| Filter Network Traffic | |||||||||||||
| Exploit Protection | |||||||||||||
Anti-Virus
|
Execution Prevention | ||||||||||||
| Application Isolation and Sandboxing | |||||||||||||
| Antivirus/Antimalware | |||||||||||||
Anti-Botnet
|
Network Intrusion Prevention | ||||||||||||
| Filter Network Traffic | |||||||||||||
| Execution Prevention | |||||||||||||
| Application Isolation and Sandboxing | |||||||||||||
| Antivirus/Antimalware | |||||||||||||
Anti-Spam
|
User Training | ||||||||||||
Web Filtering
|
Restrict Web-Based Content | ||||||||||||
Web Security
|
Exploit Protection | ||||||||||||
Application Control
|
Limit Access to Resource Over Network | ||||||||||||
| Endpoint Hygiene | |||||||||||||
Endpoint Vulnerability
|
Vulnerability Scanning | ||||||||||||
| Update Software | |||||||||||||
Anti-Virus
|
Execution Prevention | ||||||||||||
| Application Isolation and Sandboxing | |||||||||||||
| Antivirus/Antimalware | |||||||||||||
Web Filtering
|
Restrict Web-Based Content | ||||||||||||
| Application Protection | |||||||||||||
Web Security
|
Exploit Protection | ||||||||||||
| Security Hardening | |||||||||||||
Pen Testing Service
|
Vulnerability Scanning | ||||||||||||
| User Training | |||||||||||||
Security Rating Services
|
The Security Rating services verifies the FortiGate solution has optimal configuration according to best practices. It achieves this goal by auditing the solution for omission or configuration errors. It verifies that all relevant FortiGuard Services are configured according to Industry Best Practices across all Fortinet devices. | ||||||||||||