A Peek Inside Fortra’s Cybersecurity Catalog, And Its Cyber Future
June 12, 2023 Alex Woodie
The evolution of Fortra, formerly HelpSystems, from a small IBM i systems management and monitoring provider from the Minneapolis area into one of the top 10 cybersecurity solution providers with an estimated $800 million in annual revenue is an interesting story, and one that we have already written. But what, exactly, does Fortra do in the security realm?
The cybersecurity space is changing quickly at the moment, as hackers look to exploit vulnerabilities in software and human processes. Lots of security software vendors are trying hard to keep up with the rapidly evolving threat landscape, so where does Fortra sit in all of this?
We recently caught up with Tom Huntington, the company’s longtime vice president of technical services, to get up to speed with the company’s broad catalog of acquired security software, what integrations it’s working on now, and hear what’s coming next.
To start off, it’s worth noting that Fortra’s website shows 68 individual offerings across 19 brands in the infrastructure and data protection category, which includes everything from Agari (acquired in March 2022) to Vera (December 2020). These products come from a string of 17 acquisitions it has made since 2018, most of which are security firms.
These products fall into six categories: Vulnerability management; email security and anti-phishing; digital risk protection; offensive security; data protection; and secure file transfer. Here’s a quick rundown on the offerings in each category:
Vulnerability Management
Fortra offers several products in this category. According to Huntington, the main one is Digital Defense (acquired February 2021). It sells a product a software-as-a-service (SaaS) offering called Frontline that’s designed to find vulnerabilities in customers’ networks and systems. It also includes a Web application firewall and penetration testing tool.
Alert Logic (March 2022) brings managed detection and response capabilities to the Fortra realm. Before Fortra bought it, more than 4,000 customers used this product, which helps customers stay on top of the slew of security alerts that come over the wire, often referred to as security information and event management (SIEM).
Tripwire (February 2022) pairs file integrity monitoring with vulnerability management. The software’s real forte is detecting changes to sensitive data, often made by malware.
Beyond Security (June 2021) gives Fortra machine learning-powered network vulnerability scanning capabilities, not to mention 3,200 customers.
Email Security and Anti-Phishing
Agari is designed to detect and stop phishing and spear phishing attacks and account takeover attempts originating mostly from email.
Clearswift (December 2019) provides a suite of security gateways that span email security, cloud and Web security, and data loss prevention. It also provides spam protection.
Terranova Security (April 2022) provides phishing simulation and security awareness training.
Digital Risk Protection
Fortra bought PhishLabs in October 2021 to give it an entry in digital risk protection, which is mostly about protecting brand protection. Through PhishLabs, Fortra analyzes the regular Web, the dark Web, social media, and emails for evidence of bad actors trying to impersonate legitimate companies.
“They work with people like GoDaddy to do account takedowns and stuff like that,” Huntington says, “and say ‘Hey, here’s this IP address that’s trying to be Bank of America and spoof their customers.’”
Offensive Security
The best defense is a good offense, somebody once said. To that end, penetration testing and “red teaming” software have taken on a greater importance as companies try to get an upper hand on increasingly aggressive and able cybercriminals.
In this category, Fortra has two main contenders. They include Core Security (acquired from SecureAuth in February 2019), which develops Core Impact, an automated penetration testing tool that helps users to simulate attacks on their own systems.
Also in this category is Cobalt Strike (acquired March 2020), an adversary simulation tool with the primary focus of post exploitation. Cobalt Strike is joined by Outflank (acquired September 2022), a red teaming toolset for offensive security testing.
Data Protection
Fortra has several offerings in the data protection realm, including Titus and Boldon James, which the company acquired in the summer of 2020.
Titus gained repute for its metadata-based data classification capabilities, which are integrated with the Microsoft stack. Boldon James, meanwhile, is focused on detecting sensitive data and enforcing strict adherence to Military Message Handling Systems (MMHS) for secure communications.
It also has Vera up its sleeve. Vera allows document owners to control what can be done with documents they share with others, including restricting the ability to print, share, or even screenshot it.
Secure File Transfer
Fortra has three main offerings in this category, including Globalscape, GoAnywhere, and FileCatalyst. While they all offer secure file transfer capabilities, they differ in some respects.
GlobalScape (March 2020) is a leader in secure file transfer for Windows environments and is also available as a hosted service. GoAnywhere, which Fortra obtained with its acquisition of Linoma Software years ago, is a Java-based product that’s more popular among IBM i shops. FileCatalyst (January 2021) is a UDP-based file transfer solution that’s popular in the entertainment industry.
Not all of the offerings run on IBM i or even integrate with the platform, but some of them do, and Fortra is cognizant of the changing security needs on IBM i. Fortra recently rolled out automated penetration testing that supports IBM i, for instance. Stay tuned for a story on that.
Fortra also develops and sells native IBM i security offerings too, thanks to a number of security acquisitions it has made over the years, including PowerTech, Safestone Technologies, and Skyview Partners. Today, Fortra’s IBM i security solutions are sold under the PowerTech brand. It also sells anti-virus software through Bytware.
Fortra clearly has a wide range of security capabilities through the nearly 20 acquired security brands. The company is working to integrate the various products and create product bundles where it makes sense.
“We are doing a lot of bundling,” Huntington says. “So in the past, somebody might have sold Cobalt Strike and somebody might have sold Core Impact. Now we’re offering up a bundle of Core Impact and Cobalt Strike together, because they go after penetration testing a little differently.”
Managed services are also part of the security gig for Fortra. This is appealing to IBM i customers because they often lack the capabilities to manage network security on their own, Huntington says.
“We can do managed detection and response as an offering where basically we put an agent into your end point,” he says. “We can put it in IBM i because we do the SIEM integration from PowerTech. And now with our Alert Logic brand, we can manage all your cybersecurity – intrusion detection, file integrity monitoring, network end points – all under one umbrella.”
The volume of scans performed by Fortra’s managed security services business – about 6 billion emails per week, Huntington says – provides fodder for the company’s threat research arm.
“You think about PhishLabs, Digital Guardian, Digital Defense, AlertLogic – these companies are all proactively monitoring cybersecurity for organizations all over the globe,” Huntington says. “We’re looking at phishing attempts and all the things coming in. We have a threat research team at Fortra now that all they do in development is build AI and machine learning around all the threats that are hitting organizations around the globe. We are top 10 cybersecurity company now because of all that information.”
The company known for 40 years as HelpSystems certainly has changed its game. While it still offers IBM i tools, it has widened its net considerably. Today about 80 percent of the company’s revenues come from outside of the IBM i, while about 20 percent come from the traditional IBM i business.
So is Fortra comfortable with where it is? Will those 19 security acquisitions over the past five years suffice? Huntington points at the Greek letter for “change” that stands in for an “A” at the end of Fortra’s name.
“No, we’re never done,” he says. “You have the ever-changing cybersecurity space. The bad actors are changing in a bad way. The regulations are changing. The technology that you’re protecting is changing. So all those things come into play.”
Editor’s note: This story has been corrected. Cobalt Strike does not develop Outflank. IT Jungle regrets the error.
RELATED STORIES
Fortra Completes Postmortem Of GoAnywhere Vulnerability
Fortra Issues 20th State of IBM i Security Report
Zero-Day Vulnerability in Fortra’s GoAnywhere MFT Being Actively Exploited