ORDERING GUIDE

FortiRecon
Product Offerings

FortiRecon is a Digital Risk Protection (DRP) service that allows customers to gain visibility of
their digital attack surface, receive targeted threat intelligence, and reduce organizational risk.
The solution consists of three main components:
• External Attack Surface Management (EASM) — Provides an adversary’s view of the organization digital attack surface
and prioritizes risks and exposures, enabling customers to mitigate threats in a controlled manner before they become a
problem.
• Brand Protection (BP) — Continually monitors the organization’s public-facing brand, to detect web-based phishing attacks,
typosquatting, rogue applications, credential leaks, and brand impersonation in social media, which may impact brand value,
integrity, and trust.
• Adversary Centric Intelligence (ACI) — Leverages FortiGuard Threat Analysis to provide comprehensive coverage of dark
web, open source, and technical threat intelligence, including threat actor insights, to enable organizations to respond
proactively, assess risks, respond faster to incidents, better understand their attackers, and guard assets.

The following shows a summary of FortiRecon product offerings. For details, see the FortiRecon datasheet.

SOLUTION FEATURE FORTIRECON FORTIRECON FORTIRECON

BUNDLES EASM EASM AND BP EASM, BP, AND ACI
Asset Discovery   
Security Issues   
Asset Reports   
EASM
Monthly Scanning   
Weekly Scanning 
On-demand Scans (Two per Year) 
Third-party Credential Leaks   
Source Code Sensitive Leaks  
Open Cloud Storage Buckets  
Domain Typosquatting  
BP
Rogue Mobile Apps  
Phishing Monitoring - Digital Watermarking  
Takedowns  
Social Media Brand Impersonations  
Social Media 
Dark Web Monitoring 
Technical Intelligence 
ACI
IoC Reputation Lookup (IP/Domain/Hash/CVE) 
Dark Web Marketplace Monitoring (Stealer Logs) 
OSINT Cyber Threats 
Executive Reporting   
24x7 Portal Access   
Delivery Analyst Support  
Realtime Alerting  
Orchestration/Integrations (Ticketing/SOAR)  

YCONFIDETAL STRICLSTRICTLY CONFIDENTIAL 1

ORDERING GUIDE | FortiRecon

ORDER INFORMATION
NUMBER OF ASSETS EASM BP ACI
Up to 500 FC2-10-RNSVC-533-02-DD FC2-10-RNSVC-534-02-DD FC2-10-RNSVC-535-02-DD
Up to 1000 FC3-10-RNSVC-533-02-DD FC3-10-RNSVC-534-02-DD FC3-10-RNSVC-535-02-DD
Up to 2000 FC4-10-RNSVC-533-02-DD FC4-10-RNSVC-534-02-DD FC4-10-RNSVC-535-02-DD
Up to 10 000 FC5-10-RNSVC-533-02-DD FC5-10-RNSVC-534-02-DD FC5-10-RNSVC-535-02-DD
Up to 50 000 FC6-10-RNSVC-533-02-DD FC6-10-RNSVC-534-02-DD FC6-10-RNSVC-535-02-DD
Up to 100 000 FC7-10-RNSVC-533-02-DD FC7-10-RNSVC-534-02-DD FC7-10-RNSVC-535-02-DD

FORTIRECON TAKEDOWN SERVICE

PRODUCT SKU DESCRIPTION

Service Credits - 5 Takedowns FRN-TKD-5 License must be activated within one year of purchase. Unused Takedown credits expire three years after the date of activation.
Service Credits - 10 Takedowns FRN-TKD-10 License must be activated within one year of purchase. Unused Takedown credits expire three years after the date of activation.
Service Credits - 50 Takedowns FRN-TKD-50 License must be activated within one year of purchase. Unused Takedown credits expire three years after the date of activation.

FREQUENTLY ASKED QUESTIONS

What defines an asset?

An asset is any monitored resource, such as an ASN, IP address, domains, subdomains, or certificates.

How can my customer find out the number of assets they have?

Work with the Fortinet sales specialist to help scope the number of assets.

Are SKUs stackable?

No. SKUs are up to an asset count and must be co-termed to jump to the next asset count.

How do I increase the service level after the initial order?

You can achieve this via a co-term.

How do I extend a contract’s time period?

You can add a contract license to an existing subscription.

What type of scan of assets does FortiRecon perform?

FortiRecon performs a non-intrusive discovery scan of assets to determine what services are running. Depending on the service
exposed, FortiRecon may make a connection using standard protocols expected to be used on the TCP/UDP port to determine
further information about the service. For example, an HTTP server running on port 80, FortiRecon may capture the web page
exposed. FortiRecon does not attempt to exploit any service that is exposed to the Internet.

www.fortinet.com

Copyright © 2021 Fortinet, Inc. All rights reserved. Fortinet®, FortiGate®, FortiCare® and FortiGuard®, and certain other marks are registered trademarks of Fortinet, Inc., and other Fortinet names herein may also be registered and/or common law trademarks of Fortinet. All other product
or company names may be trademarks of their respective owners. Performance and other metrics contained herein were attained in internal lab tests under ideal conditions, and actual performance and other results may vary. Network variables, different network environments and other
conditions may affect performance results. Nothing herein represents any binding commitment by Fortinet, and Fortinet disclaims all warranties, whether express or implied, except to the extent Fortinet enters a binding written contract, signed by Fortinet’s General Counsel, with a purchaser
that expressly warrants that the identified product will perform according to certain expressly-identified performance metrics and, in such event, only the specific performance metrics expressly identified in such binding written contract shall be binding on Fortinet. For absolute clarity, any
such warranty will be limited to performance in the same ideal conditions as in Fortinet’s internal lab tests. Fortinet disclaims in full any covenants, representations, and guarantees pursuant hereto, whether express or implied. Fortinet reserves the right to change, modify, transfer, or otherwise
revise this publication without notice, and the most current version of the publication shall be applicable.

FRN-OG-R7-20221201
STRICTLY CONFIDENTIAL