Project-Lost
FortiAnalyzer / FortiSOAR / FortiEDR
References
Threat actors can abuse Fortinet SOC tools to execute commands and disable alerts.
Abusing Automation Workflows
Description
Attackers use FortiSOAR playbooks to run commands across endpoints.
MITRE ATT&CK
T1059 – Execution