Fortinet FortiEDR Review

Automation saves us time; forensic detailing and memory exfiltration are great for separate analysis

What is our primary use case?

We deploy this product to all the clients we have, to monitor any kind of suspicious activity occurring on the endpoints beyond what antivirus covers. This basically automates their response with the EDR. I'm a security analyst and we are customers of Fortinet.

How has it helped my organization?

Since we've had this solution, we've been able to monitor different hosts, services and devices effectively. We can also automate tasks to save a lot of time instead of doing things manually.

What is most valuable?

The most valuable features are the ability to get forensic details and also memory exfiltration, so we can analyze them separately after an incident.

What needs improvement?

Detections could definitely be improved. It's still detecting some things that it shouldn't, like Microsoft Intune and 365 devices.

I'd like to see an improvement in the reporting. There are currently no reporting capabilities, so I would definitely want to see that added.

For how long have I used the solution?

I've been using this solution for 18 months. 

What do I think about the stability of the solution?

The solution is stable.

What do I think about the scalability of the solution?

We haven't had issues with scalability, and we have over 5,000 endpoints. In the security team we have four people who use the solution daily; the others use it in case of emergency.

How was the initial setup?

The initial setup was very straightforward. 

What other advice do I have?

This is definitely a good product and will make your life easier. 

I would rate this solution a seven out of 10. 

Which deployment model are you using for this solution?

Private Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.