Attivo Networks Blogs

Attivo Networks and Fortinet Integration Delivers Continuous Threat Management with Real-Time Detection and Automated Blocking

ThreatMatrix™ Platform and FortiGate® Firewalls Integrate via the Fortinet Security Fabric to automate the identification, investigation, and blocking of information security threats

FREMONT, Calif., March 13, 2017 – Attivo Networks®, the award-winning leader in deception for cybersecurity defense, announced today an integration combining the Attivo Networks ThreatMatrix Deception and Response Platform with the Fortinet FortiGate Firewall Platform. This integration leverages the Fortinet Security Fabric Application Programming Interfaces (APIs) to provide a comprehensive solution for continuous threat management by combining deception-based detection, and automated investigation and incident response capabilities. In the event of an attack, the ThreatMatrix Deception and Response Platform will automatically update the FortiGate Firewall with the details required to immediately quarantine the attack and shut down an attacker’s access and ability to exfiltrate data or credentials.

The Attivo Networks ThreatMatrix Platform is designed to provide visibility and continuous threat management of in-network threats that have evaded prevention systems. The solution turns the entire network into a trap using deception-based detection. Decoys that appear identical to production assets and advanced lures are used to bait attackers and mislead them into revealing themselves. The solution is highly accurate for all attack vectors and provides efficient detection for stolen credential, ransomware, insider and advanced threats that are lurking in user networks, data centers, cloud, and specialty environments such as IoT, SCADA, and POS. Attack investigation and incident response are automated within the platform and with 3rd party integrations, attack-blocking quarantine, and threat hunting can be automated, streamlining incident response and remediation.
Fortinet’s flagship enterprise firewall, FortiGate® is a unified platform offering end-to-end security for organizational networks. Seamlessly adaptive, it provides a single touchpoint for simplification and management of security devices across physical, virtual, and cloud deployments. The FortiGate architecture is designed to offer granular control over applications, making filtration of web-traffic and blocking of latest exploits possible and easier with its consolidated networking capabilities. Adding to their intelligent cyber-security architecture is the Fortinet Security Fabric that connects critical security and networking technologies—from FortiGate firewalls to content and application security to secure access points—for seamless security across the distributed network, whether local or remote, physical, or virtual, wired or wireless, from IoT to the cloud.

The integration of Attivo ThreatMatrix Platform and the Fortinet FortiGate firewall platform arms customers with real-time threat detection and detailed attack analysis for prompt blocking of an attack. When the ThreatMatrix Platform detects an in-network threat, it automatically shares the attack information with FortiGate including attack signatures, details on the infected nodes, and attacker activity that help streamline mitigation of ongoing risks and prevention of future cyber-attacks. An organization’s defined security policies get automatically enforced via the API, and effectively block a compromised device, thus preventing data from getting exfiltrated or being able to re-enter the network.

“As demonstrated by recent high profile attacks that show extensive reconnaissance, organizations worldwide are facing sophisticated hackers who often lurk undetected in the network for months. Attaining a stronger security posture in this threat landscape is now crucial,” says Carolyn Crandall, CMO of Attivo Networks. “With the combined capabilities of the ThreatMatrix Platform and its integration with the Fortinet Security Fabric, customers get a unified solution that helps address early detection, prevention, and incidence response across all endpoints and networks, which is critical in our battle against cyber-threats.”

“The integration of the Attivo Networks ThreatMatrix Deception and Response Platform with the Fortinet Security Fabric enables customers to benefit from Attivo Networks award-winning deception-based threat management capabilities, while simultaneously leveraging the best-validated security protection in the industry provided by Fortinet, resulting in unparalleled security protection.” – Neil Prasad, Director, Marketing, Fortinet.

ThreatMatrix and Fortinet Solution Brief

About Attivo Networks
Attivo Networks® is the leader in deception technology for real-time detection, analysis, and accelerated response to advanced, credential, insider, and ransomware cyber-attacks. The Attivo ThreatMatrix™ Deception and Response Platform accurately detects advanced in-network threats and provides scalable continuous threat management for user networks, data centers, cloud, IoT, ICS-SCADA, and POS environments. Attivo Camouflage dynamic deception techniques and decoys set high-interaction traps to efficiently lure attackers into revealing themselves. Advanced attack analysis and lateral movement tracking are auto-correlated for evidence-based alerts, forensic reporting, and automatic blocking and quarantine of attacks. For more information visit

Follow Attivo Networks: Twitter and LinkedIn.

About Fortinet
Fortinet (NASDAQ: FTNT) secures the largest enterprise, service provider, and government organizations around the world. Fortinet empowers its customers with intelligent, seamless protection across the expanding attack surface and the power to take on ever-increasing performance requirements of the borderless network – today and into the future. Only the Fortinet Security Fabric architecture can deliver security without compromise to address the most critical security challenges, whether in networked, application, cloud, or mobile environments. Fortinet ranks #1 in the most security appliances shipped worldwide and more than 300,000 customers trust Fortinet to protect their businesses. Learn more at, the Fortinet Blog, or FortiGuard Labs.

Attivo Networks has registered trademarks of Attivo Networks in the United States and other countries. All other trademarks, service marks, registered trademarks, or registered service marks are the property of their respective owners.

Gary Thompson
Clarity Communications

Share on:

Free Active Directory Assessment

Get Visibility Into Privilege And Service Account Exposure

For a limited time, Attivo Networks is providing free Active Directory Security Assessments to demonstrate how ADAssessor provides unprecedented and continuous visibility to AD vulnerabilities.

Try Our Endpoint Detection Net (EDN) for Free


Free use offer of our Award-winning security solution to prevent attackers from lateral movement, credential theft, and privilege escalation, fast and easy.

Newsletter Signup

    Yes, please opt me in to receive your quarterly newsletter, event invitations, and product updates.

    I understand that I can opt out at any time, and can refer to Attivo Networks Privacy Policy for more information.
  • This field is for validation purposes and should be left unchanged.

ADSecure 90-Day Free Trial


  • Hide and deny access to AD objects
  • Get alerted on unauthorized queries
  • Attack details easily viewable in dashboard
  • Your data remains on-premise


Leave a Comment

Your email address will not be published.

six − two =

Ready to find out what’s lurking in your network?

Scroll to Top