Fortinet FortiSandbox Zero-Day Threat Protection

北京安途云联科技有限公司

Zero-Day Protection for Your Cloud and Hybrid Workloads

FortiSandbox for Azure enables organizations to defend against zero-day threats natively in the cloud, working alongside network, application, email, endpoint security, and other third-party security solutions, or as an extension to their on-premises security architectures to leverage cloud elasticity and scale.

Highlights:

  • AI-powered sandbox malware analysis - Two-stage AI-based static and dynamic analysis for fast and reliable detection of zero-day malware.
  • Broad Coverage of the Attack Surface with Security Fabric - Effective defense against advanced targeted attacks through a cohesive and extensible architecture working to protect network, application layers and endpoint devices from campus to cloud.
  • Automated Zero-day, Advanced Malware Detection and Mitigation - Native integration and open APIs automate the submission of objects from Fortinet and third-party vendor protection points, and the sharing of threat intelligence in real time for immediate threat response.
  • Supports MITRE ATT&CK-based reports.

FortiSandbox for Azure has the following admin ports enabled:

  • 443 for web admin
  • 22 for ssh admin

FortiSandbox uses a two-stage process to identify zero-day, advanced malware, including ransomware, and to share relevant threat intelligence in real time with inline security controls so that automated mitigation is applied.

  • Stage 1 - Pre-filtering is performed by an engine powered by Fortinet's threat intelligence maintained by our global research team, FortiGuard Labs.
  • Stage 2 - Dynamic behavior analysis is performed on objects to determine if they are malicious. Rating verdicts are returned to the originating device in real time to act upon: natively within Fortinet Fabric security products, in third-party vendor security products via JSON API, or as a feed in STIX format.

Note - The number of Windows VMs use