Skip to main content



What is FortiDeceptor?

FortiDeceptor is a deception-based breach protection that helps users deceive, expose and eliminate external and internal threats.

Read more
Recent Reviews
Read all reviews
Return to navigation


View all pricing

What is FortiDeceptor?

FortiDeceptor is a deception-based breach protection that helps users deceive, expose and eliminate external and internal threats.

Entry-level set up fee?

  • No setup fee


  • Free Trial
  • Free/Freemium Version
  • Premium Consulting / Integration Services

Would you like us to let the vendor know that you want pricing?

2 people also want pricing

Alternatives Pricing

What is CyberTrap?

CyberTrap, headquartered in Vienna, offers their eponymous security software solution, a deception-as-a-service, that provides protection for enterprises against targeted attacks and cyber crime.

What is is a cybersecurity deception-technology platform from the company of the same name in London, designed to help businesses identify previously undetected data leakage incidents, to reduce incident cost. It does this by seeding trackable data records into customers’ systems, and then…

Return to navigation

Product Demos

Fortinet: Demo FortiDeceptor

Return to navigation

Product Details

What is FortiDeceptor?

Based on deception technology, FortiDeceptor complements an organization’s existing breach protection strategy. As a pro-active security solution, it is designed to deceive, expose and eliminate external and internal threats early in the attack kill chain before any significant damage occurs. FortiDeceptor offers both hardware and virtual appliance that allows flexibility for any organization to deploy in the campus and into the cloud.

Using FortiDeceptor, organizations can create a fake environment that simulates the real network and assets. Through the automatic deployment of decoys and tokens, the deception network integrates with an existing IT/OT/IoT infrastructure to lure external and internal attackers into revealing themselves. FortiDeceptor can serve as an early warning system by detecting an attacker’s activity and the lateral movement of a broader threat campaign. The threat intelligence gathered from the attacker can be applied automatically to inline security controls to stop attacks before any real damage is done.

FortiDeceptor boasts the following advantages:
  • Simple Management - Centrally manage a distributed deployment of FortiDeceptor and intelligent discovery and automated deployment of pre-built or custom decoys.
  • Unified IT-OT breach protection - Lure attacks away from critical assets across both IT and OT environments
  • Improved Security Posture - Protects against both threat actors and their tactics e.g. malware, ransomware via VirusTotal and FortiSandbox integration
  • Actionable Visibility - A GUI driven threat map quickly uncovers threat campaigns targeting your organization
  • Automated Protection - Protects against both threat actors and their tactics e.g. malware, ransomware via VirusTotal and FortiSandbox integration.

FortiDeceptor Technical Details

Operating SystemsUnspecified
Mobile ApplicationNo
Return to navigation


View all alternatives
Return to navigation

Reviews and Ratings



(1-4 of 4)
Companies can't remove reviews or game the system. Here's why
Score 8 out of 10
Vetted Review
Verified User
We tested FortiDeceptor to discover external and internal security breaches. It helps organizations proactively show and eliminate threats. I consider it an interesting option for building up a robust security solution for enterprises that need to secure critical information and infrastructure avoiding dead times. We tried it and like it although we are not buying it yet.
  • Deployment
  • Management
  • Expose breaches
  • Interoperability
  • Reporting
  • Decoys
If your organization has invested a fair sum of money in IT infrastructure and is prone to cyber threats, it would be a good idea to invest in a good deceiver like this to set decoys to detect and eliminate attacks while keeping your organization running. Basically is a cost-benefit scenario.
  • Business Operations
  • Cyber security
  • Data protection
  • Compliance
Score 8 out of 10
Vetted Review
Verified User
The main reason we outsourced FortiDeceptor was to complement the existing Enterprise Security solution. This was because we realized the Enterprise Security and SOAR solutions only concentrate on attacks on the main assets (servers); so that in the event of an attack, lateral systems like CPUs are exposed. With FortiDeceptor, we however eliminate attacks on the lateral assets before significant damages.
  • Management is simple - centralized deployment.
  • Easy to deploy custom decoys for the Operational Technology.
  • FortiSandbox integration has limited/basic Next Generation Firewall (NGFW) capabilities.
From my experience FortiDeceptor works well alongside established SIEM systems for endpoint protection for instance secure, water-tight systems to send emails to clients and customers. It allows us to equally concentrate on the security of both external and internal OT environment. It is a smart solution to counter malware. However, its not sufficient enough to secure your networks that why we are using it with the SOAR software.
  • It deploys decoys automatically, saving us the manpower.
  • It has been the way to go for cybersecurity in our converged IT and OT environment.
Splunk SOAR (Security Orchestration, Automation and Response) (formerly Phantom), Splunk Enterprise Security (ES)
Bhuwan Chandra | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
FortiDeceptor is the Concept of Honeypot & Threat Analytics & Threat Intelligent. Lure attackers to decoys that appear indistinguishable from real IT & OT assets & highly interactive. Centrally manage & automate deployments of decoy VMs(Windows, Linux, ICS/SCADA) and generations of lures (data, applications, Services) FortiDeceptor is designed to DECEIVE, EXPOSE and ELIMINATE external & internal attack kill chain & proactively block these threats before any significant damage occurs. Protect both IT & OT Devices, FortiDeceptor provides expansive decoy support to lure attacks away from IT & OT environments. Fortideceptor is Unintrusive & EasyIt is a Network based solution that creates a fake environment to stimulate the actual one. It is completely unintrusive -no requirement to take SCADA/ICS offline nor does it create any delay in operational duties.
  • Gain visibility of network-related attacks & laterals movements that could potentially bypass existing security in place.
  • Redirect attacks from existing critical platforms as well as sensitive data .
  • Early warning system to deal with threats.
  • FortiDeceptor works very well with FortiFabric environments, Where We need FortiSIEM & Other FortiGate NGFW, which could lead to a hike in IT Security Budget.
  • Reporting part needs to improve, Where again we have to buy a Forti analyzer for reporting part.
To help the Infosec Team Scale & create a seamless consolidated threat response. FortiDeceptor all the Security analysts to manually investigate & manual remediation or automatically block these attacks based on severity before actual damage occurs via integration with Fortigate to quarantine the IP address of the threat actor, FortiNAC to isolate devices within an organization with FortiSOAR to trigger appropriate playbooks for an orchestrated response and with 3rd party solutions to trigger a response action via built-in fabric connector API. FortiDeceptor needs other FortiFabric Devices to respond well, however, FortiDeceptor also connects with other solutions via built-in fabric connector API, but you may miss the real-time data flow or may be delayed in response.
  • FortiDeceptor is one of the best Deception technology available across the globe, With the best licensing policy ( Maximum Decoys based on Deception best practice -Four Decoy per VLAN).
  • Add-on-per VLAN(minimum quantity of two).
  • Day-1 operation via AI-based network and asset discovery & automated deployment of decoys.
  • Security Fabrics enables Fortideceptor integration with Fortinet & third-party security solutions to automate threat response.
Since we have other Fortinet solutions like Fortigate NGFW & FortiSIEM in place, they share the threat intelligence with each other, and FortiDeceptor works very well in FortiFabric environments, We decided to go with FortiDeceptor for Deception technology. In the case of Rapid7 & Smokescreen, we had to counter the integration issue with existing IT infra, Security solutions should not work in silos, they need to share intelligence with each other to get the best from the existing Solution & to get the best ROI.
Score 9 out of 10
Vetted Review
Verified User
FortiDeceptor protects our network from all aspects of malicious attacks. It's a proactive approach to Internet security rather than reacting as problems occur but putting up a giant roadblock to would-be attackers and stopping any major problems before they start. It's not overly complicated to use and does the job.
  • Protects against all types of malware.
  • Provides visibility to potential attacks to your network.
  • Blocks access to inappropriate websites.
  • The GUI for FortiDeceptor is very detailed but can be a little tricky to navigate with many options spread out in its menus.
  • The "attack map" gets points on its appearance but I'm not sure how useful it is as it's simply full of IP addresses and geographic locations.
FortiDeceptor is a useful service for a large corporate network that has extensive network resources and can commit the manpower to protect them. It's a straightforward approach to offer a high degree of protection from malicious content and attacks. A smaller network might not benefit from a traditional firewall and IPS would likely be sufficient.
  • Internet security is a gamble. It's hard to know the cost of a "would-be" attack. FortiDeceptor is basically an insurance policy and for that, it is a great investment.
The advantage of using FortiDeceptor is that it is available as either a standalone appliance or a VM. Fortinet does an excellent job of supporting this product (as they do with all of their products) and it's easy to manage. It's also great to have one vendor for all of our security products as the GUI is very well done and as familiar as using the FortiGate firewalls.
Return to navigation