Threat Management, Channel partners, Content, Security Program Controls/Technologies, Threat Intelligence

Fortra Security Solutions Go on the “Offensive”

Businessmen join hands in pieces of white and red jigsaw puzzles, teamwork concepts, business solutions, success concepts and strategies, links and connections.

Fortra has repositioned its portfolio to advance its package of “offensive security solutions,” the company announced.

Fortra is a provider of vulnerability management, penetration testing, and red teaming software and services. The Minneapolis-based company's offerings include Frontline Vulnerability Manager (VM), Core Impact penetration testing software, Cobalt Strike adversary simulation software, and Outflank Security Tooling.

The solutions are now interoperable, providing data centralization, information sharing, reduced console fatigue, accelerated time-to-remediation, and other benefits, according to the company. In concert, the solutions apply the same techniques used by threat actors to identify and exploit gaps in an organizations’ security. That enables customers to find and fix weaknesses in their security posture before they are exploited, officials said.

Mark Bell, Fortra managing director of infrastructure protection, explained the company’s “offensive security” approach:

“Proactively seeking out your own security weaknesses has become essential to stay ahead and reduce risks. Like the old saying goes, ‘to catch a criminal, you must think like a criminal,’ and that is exactly what an offensive security approach does—before customers are exploited.”

Fortra Security Five Ways

Fortra’s offensive security offerings come in five configurations: (per Fortra)

  • Essentials combines Fortra's Frontline VM with its penetration testing platform, Core Impact, to scan, evaluate and prioritize security vulnerabilities and remediation efforts throughout an organization’s network.
  • Advanced combines Fortra's penetration testing and adversary simulation software solutions, Core Impact and Cobalt Strike, to provide a view of vulnerabilities through advanced ransomware and phishing simulations and comprehensive reporting, while also giving teams the ability to collaborate in real time.
  • Elite combines Frontline VM, Core Impact, and Cobalt Strike, allowing customers to evaluate security, identify vulnerabilities and proactively reduce risk. These combined vulnerability management, penetration testing, and adversary simulation tools run at the same time and are interoperable, streamlining the process to identify, analyze and prioritize vulnerabilities.
  • Red Team is built to integrate seamlessly into Cobalt Strike's flexible command and control framework, Outflank Security Tooling extends a company’s red teaming capabilities. Together, these tools can deploy more sophisticated adversary simulation and assess overall security posture and vulnerability.
  • Advanced Red Team combines Core Impact, Cobalt Strike and Outflank Security Tooling to evaluate security gaps, defenses and security strategies using the same tactics as today's threat actors. Together, these solutions provide a holistic security testing methodology for advanced red teamers.

Fortra Rebrands, Grows

Commenting on Fortra’s portfolio, Bell said:

“Fortra’s goal is to offer customers the very best protection, in the most streamlined and easy-to-implement way. The interoperability of these solutions removes complexity for customers, improving their efficiency and expediting remediation. The layered approach combines the strengths of each solution for more complete security assessment, testing and management.”

In 2022, HelpSystems rebranded itself as Fortra. Today, the company employs some 3,000 people and maintains offices in 18 countries and serves more than 30,000 global customers. As part of this evolution, Fortra shifted its focus to cybersecurity and automation with capabilities in data security, infrastructure protection, and managed security services.

Its recent acquisitions include: Alert Logic, Digital Guardian, Cobalt Strike, Tripwire, Digital Defense, Terranova Security, Agari, PhishLabs, Core Security, GoAnywhere, Titus, and other software and services providers.

D. Howard Kass

D. Howard Kass is a contributing editor to MSSP Alert. He brings a career in journalism and market research to the role. He has served as CRN News Editor, Dataquest Channel Analyst, and West Coast Senior Contributing Editor at Channelnomics. As the CEO of The Viewpoint Group, he led groundbreaking market research.