FortiDLP’s unified approach to data protection enables enterprise organizations to anticipate and prevent accidental and malicious data loss across cloud deployments, applications, and managed and unmanaged devices
SUNNYVALE, Calif. – Fortinet® (NASDAQ: FTNT), the global cybersecurity leader driving the convergence of networking and security, today announced the general availability of FortiDLP, a next-generation data loss prevention (DLP) and insider risk management solution. Based on Next DLP’s innovative technology and integration into the Fortinet Security Fabric, the new solution bolsters Fortinet’s overall portfolio of DLP capabilities. FortiDLP enables effective management of data security, dynamic enforcement of data protection, and enhanced visibility of insider threats at scale for large enterprise customers.
“In an era when data protection is paramount, FortiDLP offers a next-gen solution that combines AI-enhanced detection and insider risk management to secure sensitive information,” said John Maddison, chief marketing officer at Fortinet. “By leveraging an AI-powered data protection solution with the help of generative AI, security teams can anticipate risks, streamline incident response, and mitigate threats faster than legacy DLP solutions. Protecting your data from both internal and external threats starts with visibility and proactive prevention, and FortiDLP delivers that protection on day one.”
Traditional DLP Solutions Fall Short for CISOs
Gartner® recently predicted in its latest Market Guide for Data Loss Prevention that, “By 2027, 70% of CISOs in larger enterprises will adopt a consolidated approach to address both insider risk and data exfiltration use cases.” However, CISOs and security teams continue to struggle with traditional DLP challenges, like managing data silos and dispersed data with a growing hybrid workforce, navigating cumbersome and rigid policies to classify data, slow performance of legacy tools, and the increasing risk posed by malicious insiders having access to sensitive data.
What Sets FortiDLP Apart from Legacy DLP Solutions
Fortinet’s answer to traditional DLP challenges is FortiDLP, an AI-enhanced, cloud-native endpoint data protection solution that enables customers to address all their data protection requirements with a single solution. With the recent acquisition of Next DLP, Fortinet adds a powerful data protection solution to the Fortinet Security Fabric, giving security teams a more effective way to prevent data leaks and loss, detect behavior-related threats, train employees to make risk-informed decisions and comply with security policies. The solution also addresses employees’ use of unsanctioned SaaS applications and guards against data leakage when employees use shadow AI (unapproved GenAI tools). Some of the key features that set FortiDLP apart from the competition include:
- Shadow AI Data Protection: FortiDLP enables employees to safely use publicly available GenAI tools, such as OpenAI ChatGPT, Google Gemini, and others. Administrators can set policy actions to alert employees to proper data handling practices while allowing them to continue using these tools. The result is a balance between enabling greater productivity while securing the organization against sharing sensitive corporate data with these tools.
- Day One Data Visibility and Protection: FortiDLP provides automated data movement visibility and protection from day one with out-of-the-box policies and machine learning embedded at the endpoint for baselining, with contextual and content inspection that works even if endpoints are disconnected from the network.
- Insider Risk Protection: FortiDLP can identify actions, behaviors, and other indicators and apply appropriate policy actions to identify and stop insiders from disclosing sensitive data outside of the organization. Security teams can also monitor individual user risk with the solution by identifying, analyzing, and capturing employee activity when sensitive data is accessed and/or policies are violated.
- SaaS Application Data Protection: FortiDLP provides comprehensive visibility into user interactions with data in the cloud and maintains protection as data moves out of the cloud. The solution builds a comprehensive risk-scored inventory of SaaS applications utilized across an organization, with insights into data ingress, egress, and credentials. It also fortifies defenses against potential data breaches from business data exposure via unauthorized application usage.
- Origin-Based Data Protection: FortiDLP provides instant visibility into data exposure risk with Secure Data Flow, which complements traditional content and sensitivity classification-based approaches with origin-based data identification, manipulation detection, and data egress controls. Security teams can track and prevent data egress from endpoints and unmanaged mobile devices to USB drives, printers, and SaaS apps like Slack, Office 365, and Google Workspace.
- Risk-Informed User Education: Administrators can configure policies and actions that include the presentation of customizable messages to educate users on the importance of safeguarding sensitive data while also enabling mechanisms that drive accountability for employee behavior.
- AI-Powered Guidance: The FortiDLP AI-powered assistant enhances incident analysis by using FortiAI to summarize and contextualize data associated with observed high-risk activity, mapped to the MITRE Engenuity Insider Threat Tactics, Techniques, and Procedures (TTP) Knowledge Base for easy consumption by analysts and peers.
As part of its ongoing commitment to offering customers enterprise-grade data protection, Fortinet plans to sell FortiDLP as a stand-alone solution in addition to adding advanced AI-driven data loss prevention capabilities to its security service edge (SSE) offering and integrate additional insider risk and data protection capabilities across the Fortinet Security Fabric.
FortiDLP is based on the next-generation, cloud-native SaaS data protection platform from Next DLP. Next DLP was recognized as a Representative Vendor in the 2023 Gartner Market Guide for Data Loss Prevention1 and the 2023 Gartner Market Guide for Insider Risk Management Solutions.2
Additional Resources
- Learn more about FortiDLP.
- Learn about Fortinet’s free cybersecurity training, which includes broad cyber awareness and product training. As part of the Fortinet Training Advancement Agenda (TAA), the Fortinet Training Institute also provides training and certification through the Network Security Expert (NSE) Certification, Academic Partner, and Education Outreach programs.
- Learn more about FortiGuard Labs threat intelligence and research and Outbreak Alerts, which provide timely steps to mitigate breaking cybersecurity attacks.
- Read about how Fortinet customers are securing their organizations.
- Follow Fortinet on X, LinkedIn, Facebook, and Instagram. Subscribe to Fortinet on our blog or YouTube.
GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates and is used herein with permission. All rights reserved.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
1 Gartner Market Guide for Data Loss Prevention, Ravisha Chugh, Andrew Bales, 4 September 2023.
2 Gartner Market Guide for Insider Risk Management Solutions, Brent Predovich, 13 November 2023.
About Fortinet
Fortinet (NASDAQ: FTNT) is a driving force in the evolution of cybersecurity and the convergence of networking and security. Our mission is to secure people, devices, and data everywhere, and today we deliver cybersecurity everywhere you need it with the largest integrated portfolio of over 50 enterprise-grade products. Well over half a million customers trust Fortinet’s solutions, which are among the most deployed, most patented, and most validated in the industry. The Fortinet Training Institute, one of the largest and broadest training programs in the industry, is dedicated to making cybersecurity training and new career opportunities available to everyone. Collaboration with esteemed organizations from both the public and private sectors, including CERTs, government entities, and academia, is a fundamental aspect of Fortinet’s commitment to enhance cyber resilience globally. FortiGuard Labs, Fortinet’s elite threat intelligence and research organization, develops and utilizes leading-edge machine learning and AI technologies to provide customers with timely and consistently top-rated protection and actionable threat intelligence. Learn more at https://www.fortinet.com, the Fortinet Blog, and FortiGuard Labs.
Copyright © 2024 Fortinet, Inc. All rights reserved. The symbols ® and ™ denote respectively federally registered trademarks and common law trademarks of Fortinet, Inc., its subsidiaries and affiliates. Fortinet’s trademarks include, but are not limited to, the following: Fortinet, the Fortinet logo, FortiGate, FortiOS, FortiGuard, FortiCare, FortiAnalyzer, FortiManager, FortiASIC, FortiClient, FortiCloud, FortiMail, FortiSandbox, FortiADC, FortiAI, FortiAIOps, FortiAntenna, FortiAP, FortiAPCam, FortiAuthenticator, FortiCache, FortiCall, FortiCam, FortiCamera, FortiCarrier, FortiCASB, FortiCentral, FortiConnect, FortiController, FortiConverter, FortiCSPM, FortiCWP, FortDAST, FortiDB, FortiDDoS, FortiDeceptor, FortiDeploy, FortiDevSec, FortiEDR, FortiExplorer, FortiExtender, FortiFirewall, FortiFlex FortiFone, FortiGSLB, FortiGuest, FortiHypervisor, FortiInsight, FortiIsolator, FortiLAN, FortiLink, FortiMonitor, FortiNAC, FortiNDR, FortiPenTest, FortiPhish, FortiPoint, FortiPolicy, FortiPortal, FortiPresence, FortiProxy, FortiRecon, FortiRecorder, FortiSASE, FortiSDNConnector, FortiSEC, FortiSIEM, FortiSMS, FortiSOAR, FortiStack, FortiSwitch, FortiTester, FortiToken, FortiTrust, FortiVoice, FortiWAN, FortiWeb, FortiWiFi, FortiWLC, FortiWLM and FortiXDR. Other trademarks belong to their respective owners. Fortinet has not independently verified statements or certifications herein attributed to third parties and Fortinet does not independently endorse such statements. Notwithstanding anything to the contrary herein, nothing herein constitutes a warranty, guarantee, contract, binding specification or other binding commitment by Fortinet or any indication of intent related to a binding commitment, and performance and other specification information herein may be unique to certain environments.