FortiDLP’s unified approach to data protection enables enterprise organizations to anticipate and prevent accidental and malicious data loss across cloud deployments, applications, and managed and unmanaged devices
Fortinet® (NASDAQ: FTNT), a global leader in cybersecurity, today announced the general availability of FortiDLP, its next-generation data loss prevention (DLP) and insider risk management solution. Built on the innovative technology of Next DLP and integrated into the Fortinet Security Fabric, FortiDLP enhances Fortinet’s portfolio of DLP capabilities. It empowers large enterprises to manage data security, enforce data protection, and gain visibility into insider threats at scale.
“In today’s environment, where data protection is more critical than ever, FortiDLP offers a cutting-edge solution that leverages AI-driven detection and insider risk management to safeguard sensitive information,” said John Maddison, Chief Marketing Officer at Fortinet. “With the power of AI and generative AI, FortiDLP enables security teams to predict risks, accelerate incident response, and neutralize threats faster than traditional DLP solutions. The key to protecting data from internal and external threats is having visibility and proactive measures in place, and FortiDLP delivers that protection right from day one.”
Traditional DLP Solutions Are No Longer Enough for CISOs
According to Gartner®’s latest Market Guide for Data Loss Prevention, “By 2027, 70% of CISOs in larger enterprises will adopt a consolidated approach to address both insider risk and data exfiltration.” However, many CISOs and security teams still struggle with limitations of traditional DLP tools, such as managing fragmented data across hybrid workforces, rigid classification policies, slow legacy tool performance, and increasing risks from malicious insiders with access to sensitive data.
FortiDLP: A Modern Solution to Traditional DLP Challenges
Fortinet addresses these challenges with FortiDLP, an AI-powered, cloud-native endpoint data protection solution designed to meet all data protection needs in a single platform. With the recent acquisition of Next DLP, Fortinet enhances its Security Fabric to offer a more comprehensive solution for preventing data leaks, detecting behavior-related threats, educating employees on risk-informed decisions, and ensuring compliance with security policies.
FortiDLP also tackles the risks of unsanctioned SaaS applications and shadow AI (unauthorized generative AI tools), which have become growing concerns in today’s dynamic work environments. Key features that distinguish FortiDLP from legacy solutions include:
- Shadow AI Data Protection: FortiDLP enables employees to safely use publicly available GenAI tools, such as OpenAI ChatGPT, Google Gemini, and others. Administrators can set policy actions to alert employees to proper data handling practices while allowing them to continue using these tools. The result is a balance between enabling greater productivity while securing the organization against sharing sensitive corporate data with these tools.
- Day One Data Visibility and Protection: FortiDLP provides automated data movement visibility and protection from day one with out-of-the-box policies and machine learning embedded at the endpoint for baselining, with contextual and content inspection that works even if endpoints are disconnected from the network.
- Insider Risk Protection: FortiDLP can identify actions, behaviors, and other indicators and apply appropriate policy actions to identify and stop insiders from disclosing sensitive data outside of the organization. Security teams can also monitor individual user risk with the solution by identifying, analyzing, and capturing employee activity when sensitive data is accessed and/or policies are violated.
- SaaS Application Data Protection: FortiDLP provides comprehensive visibility into user interactions with data in the cloud and maintains protection as data moves out of the cloud. The solution builds a comprehensive risk-scored inventory of SaaS applications utilized across an organization, with insights into data ingress, egress, and credentials. It also fortifies defenses against potential data breaches from business data exposure via unauthorized application usage.
- Origin-Based Data Protection: FortiDLP provides instant visibility into data exposure risk with Secure Data Flow, which complements traditional content and sensitivity classification-based approaches with origin-based data identification, manipulation detection, and data egress controls. Security teams can track and prevent data egress from endpoints and unmanaged mobile devices to USB drives, printers, and SaaS apps like Slack, Office 365, and Google Workspace.
- Risk-Informed User Education: Administrators can configure policies and actions that include the presentation of customizable messages to educate users on the importance of safeguarding sensitive data while also enabling mechanisms that drive accountability for employee behavior.
- AI-Powered Guidance: TheFortiDLP AI-powered assistant enhances incident analysis by using FortiAI to summarize and contextualize data associated with observed high-risk activity, mapped to the MITRE Engenuity Insider Threat Tactics, Techniques, and Procedures (TTP) Knowledge Base for easy consumption by analysts and peers.
As part of its ongoing dedication to providing enterprise-grade data protection, Fortinet will offer FortiDLP as a standalone solution, alongside integrating advanced AI-driven data loss prevention capabilities into its Security Service Edge (SSE) offering. Additionally, Fortinet plans to incorporate enhanced insider risk and data protection features throughout the Fortinet Security Fabric.
FortiDLP is built on the next-generation, cloud-native SaaS data protection platform developed by Next DLP, which was recently recognized as a Representative Vendor in both the 2023 Gartner Market Guide for Data Loss Prevention and the 2023 Gartner Market Guide for Insider Risk Management Solutions.
Additional Resources
- Learn more about FortiDLP.
- Learn about Fortinet’s free cybersecurity training, which includes broad cyber awareness and product training. As part of the Fortinet Training Advancement Agenda (TAA), the Fortinet Training Institute also provides training and certification through the Network Security Expert (NSE) Certification, Academic Partner, and Education Outreach programs.
- Learn more about FortiGuard Labs threat intelligence and research and Outbreak Alerts, which provide timely steps to mitigate breaking cybersecurity attacks.
- Read about how Fortinet customers are securing their organizations.
- Follow Fortinet on X, LinkedIn, Facebook, and Instagram. Subscribe to Fortinet on our blog or YouTube.
GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates and is used herein with permission. All rights reserved.
