FortiDLP’s unified approach to data protection enables enterprise organizations to anticipate and prevent accidental and malicious data loss across cloud deployments, applications, and managed and unmanaged devices
Fortinet® announced the general availability of FortiDLP, a next-generation data loss prevention (DLP) and insider risk management solution. Based on Next DLP’s innovative technology and integration into the Fortinet Security Fabric, the new solution bolsters Fortinet’s overall portfolio of DLP capabilities. FortiDLP enables effective management of data security, dynamic enforcement of data protection, and enhanced visibility of insider threats at scale for large enterprise customers.
“In an era when data protection is paramount, FortiDLP offers a next-gen solution that combines AI-enhanced detection and insider risk management to secure sensitive information,” said John Maddison, chief marketing officer at Fortinet. “By leveraging an AI-powered data protection solution with the help of generative AI, security teams can anticipate risks, streamline incident response, and mitigate threats faster than legacy DLP solutions. Protecting your data from both internal and external threats starts with visibility and proactive prevention, and FortiDLP delivers that protection on day one."
- Shadow AI Data Protection: FortiDLP enables employees to safely use publicly available GenAI tools, such as OpenAI ChatGPT, Google Gemini, and others. Administrators can set policy actions to alert employees to proper data handling practices while allowing them to continue using these tools. The result is a balance between enabling greater productivity while securing the organization against sharing sensitive corporate data with these tools.
- Day One Data Visibility and Protection: FortiDLP provides automated data movement visibility and protection from day one with out-of-the-box policies and machine learning embedded at the endpoint for baselining, with contextual and content inspection that works even if endpoints are disconnected from the network.
- Insider Risk Protection: FortiDLP can identify actions, behaviors, and other indicators and apply appropriate policy actions to identify and stop insiders from disclosing sensitive data outside of the organization. Security teams can also monitor individual user risk with the solution by identifying, analyzing, and capturing employee activity when sensitive data is accessed and/or policies are violated.
- SaaS Application Data Protection: FortiDLP provides comprehensive visibility into user interactions with data in the cloud and maintains protection as data moves out of the cloud. The solution builds a comprehensive risk-scored inventory of SaaS applications utilized across an organization, with insights into data ingress, egress, and credentials. It also fortifies defenses against potential data breaches from business data exposure via unauthorized application usage.
- Origin-Based Data Protection: FortiDLP provides instant visibility into data exposure risk with Secure Data Flow, which complements traditional content and sensitivity classification-based approaches with origin-based data identification, manipulation detection, and data egress controls. Security teams can track and prevent data egress from endpoints and unmanaged mobile devices to USB drives, printers, and SaaS apps like Slack, Office 365, and Google Workspace.
- Risk-Informed User Education: Administrators can configure policies and actions that include the presentation of customizable messages to educate users on the importance of safeguarding sensitive data while also enabling mechanisms that drive accountability for employee behavior.
- AI-Powered Guidance: The FortiDLP AI-powered assistant enhances incident analysis by using FortiAI to summarize and contextualize data associated with observed high-risk activity, mapped to the MITRE Engenuity Insider Threat Tactics, Techniques, and Procedures (TTP) Knowledge Base for easy consumption by analysts and peers.