Architect of solutions at a comms service provider with 11-50 employees
Mar 9, 2021
Integration is one of the solution's most valuable aspects. You can integrate even third-party solutions so that they can send the information or files they quarantine through the FortiSandbox
FortiSandbox analyzes the behavior of processes in a sandbox environment, which is useful for threat hunting. The solution has an excellent standard configuration, and you can prioritize the types of files of VMs you want to analyze. It also integrates seamlessly with other Fortinet solutions, like FortiGate, FortiMail, and FortiEMS.
The scanner office document as well as PDF are useful. The most valuable thing is that you can emulate different operating systems without having the danger of getting something infected. It emulates several operating systems, and as a result, you either get the file or you don't get the file.
The most valuable features for me when it comes to Fortinet FortiSandbox are the integrity of the Sandbox and the power of the analyzing tool of the solution.
Architect of solutions at a comms service provider with 11-50 employees
Mar 9, 2021
If you were to compare prices between vendors and manufacturers, you would see that the lowest equipment in the Sandbox line is quite expensive for a new customer.
For the MSSPs, it would be great if the product could display all the threat chains on a dashboard since it is an area where the tool is currently lacking.
Consultant Business Development - Security at a comms service provider with 51-200 employees
Feb 22, 2022
There could be more templates and a higher number of simulated VMs to configure more use cases. Sometimes we need to configure many use cases in many different environments, and if the number of VMs that we configure is limited, we have to remove some and reconfigure the environment if we need another environment.
It should be easier to import custom virtual machines. Some of the VMs that are in FortiSandbox don't have the applications that we have in our environment. We need to import a VM with specific applications that we use in our environment. Have all the licenses because this is a real environment. You need a license for the Windows client you run on it. It's possible to import custom VMs, but it's a pain to do it. I would like a tool that simplifies the process.
I don't know if it is viable to do an improvement like this. When there are passwords in the password-protected files, it can't scan them or do things like this. I don't know if an algorithm or something else could make it better. Nowadays, many legitimate office documents have passwords.
The area I would like this solution to be improved in is the integrations for Sandbox with AI and big data ML mechanisms. I think this would be a practical improvement.
