Our FortiGate (FGT) already matches on the FortiGuard threats DB, including
IOC threats. Our FortiAnalyzer (FAZ) is asking for an IOC license to be
able to analyze these particular threats. Is the FortiGuard DB more
up to date in FAZ than in FGT? Why would I buy ICP...
The timeline frame is not visible in my FortiSOC. According to the
FortiAnalyzer 7.2.2 admin guide it should be available:
https://docs.fortinet.com/document/fortianalyzer/7.2.2/administration-guide/813113
Is there a CLI command to turn it back on?
I'd like to set up an executed playbook within an unhandled (not
mitigated by FGT) incident. Its job is to send the malicious event back
to FortiGate (FGT) and have it mitigated automatically. Which playbook's
template fits this need? And which a...
For external security we have an edge FortiGate firewall with
sophisticated policies in place, such as: AV, WAP, ATP, IPS,
SpamFilter, Content Filtering, and much more. For internal security we
have a lot of layers of defense in place, such as: Forti...
If I were you, I wouldn't use the quarantine action. A false positive
usually has a huge impact on the company. It might take down all the
workstations. False-positive IOCs are more common than true-positive
IOCs. Instead I'd choose an action such ...