FortiXDR

Main article: Security Information and Event Management (SIEM)

FortiXDR is the solution using the artificial intelligence (AI) for a research of threats that it is crucial for response to incidents.

2021: FortiXDR representation

The Fortinet company presented on February 2, 2021 the solution for expanded detection and reaction (XDR) FortiXDR intended for simplification, acceleration of detection and response to cyber attacks in scales of all organization. Extending to a cloud platform of endpoints of FortiEDR, it improves structure of security of the organization and degree of protection against threats using FortiGuard Labs security services. In particular, FortiXDR can automate completely the processes on security which are usually executed by experienced analysts. It allows to resist more quickly to threats on the surface of the attack.

cybercriminals use difficult and more and more intelligent tools for attacks on the vulnerable network edges which resulted from digital innovations. It means that for fight against more and more sophisticated organized cyber crime more smart and fast technologies are necessary for the organizations for security. FortiXDR – the solution XDR which uses artificial intelligence for replication of the manual analysis of threats, allowing the organizations to keep up with criminals. Integrated into the Security Fabric platform, it helps business to go in step with constantly growing landscape of cyberthreats. It is relevant even for the organizations limited to the sizes of a command and the number of tools – John Maddison, the senior vice president of marketing department of products and solutions of Fortinet company.

Unlike other solutions, FortiXDR works based on artificial intelligence with the patented mechanism of dynamic flow control and constantly studies at a basis of data on threats and the researches FortiGuard Labs and also on the basis of experience of specialists in response to incidents. Use of various information on security obtained from all Fortinet Security Fabric platform is the cornerstone of the solution. Further there is a process of correlation and the analysis of these data for exact identification of potential incidents of security. To come to final classification of threats and their scales, they are investigated by the AI mechanism also qualitatively as though it was done by the experienced analyst of security. At last, the best possible contextual response which can be automatically implemented for fast elimination of the confirmed incidents are defined.

Among the main features there is FortiXDR:

• Considerably the total quantity of signals on different products – on average decreases by 77% or more.
• The solution is capable in seconds copes with difficult tasks on which accomplishment the professionals locating specialized tools will need 30 minutes or more. The human factor is completely excluded.
• Consolidation of independent products safety and the automatic coordinated answer is ensured.
• Intellectual investigation of incidents is completely automated. There is no need to rely on limited human resources.

FortiXDR can receive telemetry from bigger number of parts of the organization that increases the probability of detection and correct classification of the attacks. It also covers bigger quantity of stages of a chain of cyber attack, supports more points of reaction for more effective elimination of effects of the attack, than the solution of competitors. All this allows the organizations to reduce average time to detection (MTTD) and average time to the answer (MTTR), at the same time increases efficiency of operations on security and the general security. As a result of FortiXDR allows the organizations to reduce risk to miss potentially dangerous cyber attacks, such as programs racketeers, phishing and others, at the same time reducing load of small groups on security.

The Fortinet Security Fabric platform, uses the best global security services of FortiGuard Labs to stop as much as possible attacks on all digital surface. It also provides a basis for XDR - with the general data structure correlated by the telemetry unified by visibility, own integration and uninterrupted interaction. Now FortiXDR includes automatic analytics, investigation of incidents and the preconfigured scenarios of reaction directly from a box.

FortiXDR joins a portfolio of offers of Fortinet on security on the basis of artificial intelligence, including components of response to the incidents suitable for the organizations of any size and complexity. FortiXDR work does it "of a box" ideal for the majority of averages and the average organizations with limited commands, tools and processes.