Two of Fortinet’s premier security solutions, FortiAnalyzer and FortiSOAR, are integrated into a unified security fabric that enables global threat detection and response. This system, which is managed centrally from Vancouver, Canada, can expand capacity as needed and incorporates Fortinet’s FortiGuard telemetry for continuous threat intelligence.
During Fortinet’s Cybersecurity Summit 2024, the company’s Regional VP Pre-Sales Expert, Rafi Wanounou, and Executive VP, Technology and Product Management, Robert May, discussed Fortinet’s products for global threat detection and response and AI-powered SecOps to automate complex threat investigations and actions.
Fortinet deploys FortiAnalyzer products globally to gather logs and detect threats in real time. Additionally, FortiGuard security telemetry is integrated with FortiAnalyzer to continuously scan logs for new Indicators of Compromise (IOCs).
“What we do at Fortinet is we actually deploy multiple FortiAnalyzer products in each geographic location and they hook together in the background across what we call the ‘security fabric connection,’ and the main IT team that manages that network is actually sitting in Vancouver,” said May. “Now, if they want to go in and search for something, run a report, or build some event handlers to do some correlation, they can do that from a single platform and across that fabric connection.”
He added that the platform then reaches out to all those individual locations to build the unified report, which makes it easy to expand on the go, so organizations don’t have to do it all in one shot.
“I can simply enable more and more capacity as I need it or as I’m sort of rolling out the next generation of my network,” May adds.
AI-driven security operations
The Summit also featured conversations about AI and its impact on organizations. Wanounou discussed AI’s impact on security and emphasized the importance of context and guardrails in AI-driven security operations. Corralling massive amounts of data and putting it into a centralized, AI-driven security fabric that can help improve cyber posture is a fundamental challenge for businesses.
“You also have to keep the data from leaving, right?” Wanounou added. “Who’s asking for it? Why are they asking for it? How are they asking for it? You take all this together, you take the massive investments in R&D, and we now have the ability to actually provide real AI that can run a security incident from top to bottom and give you the ability to efficiently triage as many alerts as you have of your security environment.”
Wanounou emphasized the critical need for efficient triage and automated threat blocking to overcome the challenges of managing security data and AI updates. Fortinet’s capabilities allow organizations to keep up with adversaries that continuously seek new means to breach their security. If used correctly, AI systems can be trained to enable automatic cyber threat detection, generate alerts, identify new strains of malware, and protect sensitive data.
“It’s not just set and forget; it’s about enabling the AI to automatically make your SOC more efficient and raise your security posture and, most importantly, keep up with the pace being driven by your adversary,” said Wanounou. “As adversaries pick up the pace, you will have to pick up the pace and the only way to do it is through automation – unless you plan on hiring hundreds of people.”
According to Fortinet, one of the benefits is that GenAI will achieve 20 percent or higher network utilization, and organizations will be able to use natural language processing to tell AI to deploy FortiGate in a branch.
Among other benefits, regarding network performance, AI can tell organizations why a server is slow or an application is not responding.
“Using the platform we provide is going to help you drive that adoption and efficiency in your network,” Wanounou remarked. “So, be nice to AI, turn on the AI.”
AI in cybersecurity is increasingly critical to protecting virtual systems from cyber threats and unauthorized access attempts. While strengthening cybersecurity posture requires human intervention, automating specific tasks can increase an organization’s threat intelligence capabilities and save them time discovering new threats.
Fortinet’s Summit brought the conversation about cybersecurity to the forefront by bringing together experts from across the channel.