Self-learning AI: Fortinet uses machine learning and deep neural networks

Deep Neural Networks

FortiNDR detects cyberattacks based on unusual network activity

Fortinet®, a global leader in comprehensive, integrated and automated cybersecurity solutions, today introduces FortiNDR, a new Network Detection and Response solution. It uses powerful artificial intelligence (AI) and real-world analytics to enable faster detection of security incidents and accelerated response to threats.

AI helps SecOps teams stay on top of things

Security operations teams face increasingly sophisticated cybercriminals. Their methods are more destructive and less predictable than ever. In addition, the attack surface is growing thanks to hybrid IT architectures and an ongoing shortage of skilled workers due to the cybersecurity skills gap. Users of conventional security solutions also have to grapple with filtering the truly relevant items out of a flood of manual notifications. This diverts resources from important tasks, such as threat containment. The more sophisticated cybercriminals become, the more robust corporate defenses need to be.

FortiNDR accelerates threat detection with artificial intelligence

With the launch of FortiNDR, Fortinet provides full lifecycle network protection, threat detection and response based on AI. The result:

  • Detect signs of sophisticated cyberattacks: Using self-learning AI capabilities, machine learning, and advanced analytics, FortiNDR establishes a baseline of an organization’s normal network activity and identifies deviations that may indicate a cyberattack. Profiling can be based on IP/port, protocol/behaviour, destination, packet size, geography, device type, and other factors. Collectively, this leads to earlier detection because organizations no longer have to rely on generic threat alerts, which can often indicate dangers only once they have become known on a global level.
  • Relieve analysts with a Virtual Security Analyst: FortiNDR includes a Virtual Security Analyst (VSA™) that uses Deep Neural Networks – the next generation of Artificial Intelligence. It is designed to unburden analysts by evaluating code generated by malicious traffic and examining how widely it has already spread. By default, VSA™ is trained on over six million malicious and safe properties that can identify and categorize IT and OT-based malware into threat categories. These capabilities can accurately identify “patient zero” and lateral spread of malware by analyzing the entire malware movement. VSA™ can also detect encrypted attacks, malicious web activity, weak encryption/protocols and classify malware.
  • Identify compromised users and agentless devices: Not all devices in an organization can be equipped with Endpoint Detection and Response agents to detect a compromise. This includes personal devices, IoT and OT devices, and third-party devices. FortiNDR solves this problem by using a network sensor to specifically analyze traffic from all of these devices.

Coordinated response with integration into the security fabric

FortiNDR also offers native integrations with the Fortinet Security Fabric and API integrations with third-party solutions to provide a coordinated response to detected threats and minimize their impact. Common automations to expedite response include quarantining devices that generate anomalous traffic, enforcing policy for third-party devices via an API framework, and triggering a process controlled via SOAR (Security Orchestration, Automation and Response). As the industry’s most powerful cybersecurity mesh platform powered by FortiOS and a common management framework, the Fortinet Security Fabric enables deep visibility, seamless integration and interoperability between critical security elements, and granular control and automation.

Learn more about Network Detection and Response with FortiNDR here.
