Fortinet

The Wiz and Fortinet integration provides customers with complete protection of cloud resources by detecting network exposure risks, understanding the context around them, and automatically remediating them.

The integration takes advantage of the deep visibility that Wiz has into cloud environments and context of which exposures lead to critical attack paths and allows the Fortinet Security Fabric to ingest these insights to automate security enforcement to seamlessly protect cloud environments for joint customers. As a result, joint customers can now use FortiGate VM and FortiGate CNF to block or allow certain traffic to and from virtual machines (VMs) based on attack paths identified by Wiz or suspicious cloud events.

Integration Benefits

The Wiz and Fortinet integration enables mutual customers to benefit from endto-end visibility and protection against network exposures in the cloud. Customers start by identifying public exposures in Wiz, understand cloud context from Wiz enhanced with network context from Fortinet, and automatically respond to and remediate any exposures with the Fortinet Security Fabric and Fortinet FortiGate VM and FortiGate CNF.

• Automatically identify and remove unwanted public exposure

Identify and validate publicly exposed virtual machines with Wiz, validate with Wiz’s Dynamic Scanner, and automate remediation of external exposure by blocking internet traffic on Fortinet using the FortiGate VM and FortiGate CNF.

• Detect and respond to public exposure in real time

Detect suspicious behavior related to exposure with Wiz’s threat detection rules, and quickly respond by automatically blocking traffic to the virtual machine with FortiGate.

• Reduce exposure based on business impact

Understand the business impact of an exposure with Wiz, such as a publicly exposed VM with a known vulnerability that has access to sensitive data, and automatically remove exposures based on criticality with Fortinet.

Better Together

The Fortinet-Wiz integrated solution helps joint enterprise customers seamlessly protect cloud workloads with leading network security from Fortinet and leading cloud-native application protection platform from Wiz.

Wiz customers can leverage FortiGate VM and FortiGate CNF to seamlessly protect their cloud infrastructure and workloads on AWS whenever Wiz Issues are generated. Wiz Issues identify toxic combinations that result from multiple risk factors, such as a publicly exposed machine that has an exploitable vulnerability and an exposed secret allowing lateral movement in the environment.

Wiz sends the issue information (automatically or manually, depending on customer requirements) to the FortiGate VM and FortiGate CNF to either allow or block traffic going to and from protected VMs running in AWS based on FortiGate policies defined by the customer. As a result, this integration empowers customers to extend automated remediation to prevent exposure and threats at the cloud network level using Fortinet’s leading network security solutions running in cloud environments.

Integrate Fortinet with Wiz Issues

• Identify publicly exposed VMs verified to be exposed by Wiz

• Identify the business impact of publicly exposed VMs with Wiz’s Issues to find toxic combinations that can lead to an attack path (such as vulnerabilities, access to sensitive data, high privileges) and set up Fortinet remediation based on business impact

Integrate Fortinet with Wiz threat detection rules

• Detect threats in real time with Wiz’s runtime sensor and threat detection rules, and automate remediation to update FortiGate when a suspicious event is detected