FortiXDR – The Only XDR Solution to Autonomously Manage Cyber Incidents From Start to Finish

At Fortinet, we have been building integrated, multiple product solutions designed to operate as a single cohesive system; first with our Advanced Threat Protection Framework (a personal trip down memory lane) and more recently the Fortinet Security Fabric. The Security Fabric is a broad, integrated and automated cybersecurity platform powered by FortiGuard Labs security services that protects the digital enterprise from endpoint and IoT through network and cloud. FortiXDR is designed to extend the Fortinet Security Fabric, reducing complexity, accelerating detection, automating alert investigations, and coordinating responses to cyberattacks. As part of the Fortinet Security Fabric, FortiXDR is able to leverage the common data structure, correlated telemetry, unified visibility, native integration, and seamless interoperation of Fortinet’s portfolio of Fabric-enabled solutions. It then layers on automated analytics, incident investigation, and pre-defined responses out of the box. FortiXDR brings these advanced capabilities to all three steps of finding and mitigating a security incident:

1. Extended Detection: FortiXDR begins by leveraging the diverse security information shared across the Fortinet Security Fabric for correlation and analysis. And because it can collect information across the industry’s broadest portfolio, more threat telemetry is available to find an active threat, especially one designed to evade detection.

2. Extended Investigation: FortiXDR is the first XDR solution to apply artificial intelligence (AI) to the investigation of detected threats—a process every other XDR solution hands off to an overburdened human security analyst, slowing down the process and leaving systems vulnerable to human error. And given the volume of alerts most networks generate, many security teams are simply not resourced to chase down every potential threat.

Traditionally, once a detection is made, a security analyst must look at the potential incident, decide how to investigate and verify it, assess its scope and associated components, see if it indicates a deeper threat not easily detected at first glance, and then determine the right response: whether to classify the alert as a false positive or to trigger the XDR solution to respond.

FortiXDR’s first-of-its-kind, AI-based investigation engine fully automates incident investigation rather than relying on scarce human resources. It is powered by a patent-pending Dynamic Control Flow Engine and is continually trained using the threat data and research feeds provided by FortiGuard Labs as well as the frontline expertise of its incident responders. It establishes the context of an alert, performs a thorough investigation to determine if the threat is real, and then identifies the nature and scope of the attack so the response system knows how to proceed. And unlike a security analyst, FortiXDR performs this function in a matter of seconds, effectively closing the exposure gap created by other XDR solutions.

3. Extended Response: Because FortiXDR is fully integrated into the Security Fabric, it is natively able to marshal every available resource needed to mount an effective, automated, and coordinated response. And because its response functions are more uniform than most security information formats, customers are also able to leverage connectors to tie many third-party solutions into that response as well.
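To make the three steps above concrete, here is an added illustration of the detect, investigate, respond loop as a small Python pipeline. It is example code written for this page, not FortiXDR code, and it does not model the Dynamic Control Flow Engine or any Fortinet product: the sensors, event taxonomy, correlation window, corroboration rule, hosts and indicator IP are all constructed assumptions. What it shows that the prose does not is how events from independent sensors are joined per host, how a verdict and scope are derived from that join, and how an alert that looks weak on its own (the `srv-01` lateral-movement event) is folded into a confirmed incident rather than dismissed.

```python
"""Illustrative XDR-style pipeline: correlate -> investigate -> respond.

Constructed example for this page; NOT FortiXDR code and not a model of the
Dynamic Control Flow Engine. Sensors, hosts, indicators and rules are assumed.
"""
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=15)  # assumed per-host correlation window


@dataclass(frozen=True)
class Event:
    source: str      # sensor that raised it (assumed): "email", "endpoint", "network"
    host: str        # asset the event is about
    ts: datetime
    kind: str        # normalized event type (assumed taxonomy)
    indicator: str   # peer host or external IP tied to the event, if any


# Constructed sample telemetry from three different sensors (not real data).
SAMPLE_EVENTS = [
    Event("email",    "ws-101", datetime(2021, 1, 5, 9, 0),  "phish_click",        ""),
    Event("endpoint", "ws-101", datetime(2021, 1, 5, 9, 2),  "suspicious_process", ""),
    Event("network",  "ws-101", datetime(2021, 1, 5, 9, 4),  "c2_beacon",          "203.0.113.7"),
    Event("network",  "srv-01", datetime(2021, 1, 5, 9, 5),  "lateral_smb",        "ws-101"),
    Event("endpoint", "ws-102", datetime(2021, 1, 5, 11, 0), "suspicious_process", ""),
]


def correlate(events):
    """Step 1 (detection): bucket events per host into clusters no more than WINDOW apart."""
    by_host = defaultdict(list)
    for e in sorted(events, key=lambda e: e.ts):
        by_host[e.host].append(e)
    clusters = []
    for evs in by_host.values():
        current = [evs[0]]
        for e in evs[1:]:
            if e.ts - current[-1].ts <= WINDOW:
                current.append(e)
            else:
                clusters.append(current)
                current = [e]
        clusters.append(current)
    return clusters


def investigate(cluster, all_events):
    """Step 2 (investigation): decide whether the cluster is real and establish its scope."""
    host = cluster[0].host
    sources = {e.source for e in cluster}
    # Assumed verdict rule: at least two independent sensors must corroborate
    # each other. A lone single-sensor alert is called a false positive here;
    # a production system would enrich it further before deciding.
    confirmed = len(sources) >= 2
    scope_hosts = {host}
    c2 = set()
    if confirmed:
        # Scope: pull in any host whose lateral-movement event points back at
        # this one, plus any external indicator this host beaconed to.
        scope_hosts |= {e.host for e in all_events
                        if e.kind == "lateral_smb" and e.indicator == host}
        c2 |= {e.indicator for e in cluster if e.kind == "c2_beacon"}
    return {
        "host": host,
        "verdict": "true_positive" if confirmed else "false_positive",
        "scope_hosts": sorted(scope_hosts),
        "c2": sorted(c2),
    }


def respond(incident):
    """Step 3 (response): turn a confirmed incident into concrete, coordinated actions."""
    if incident["verdict"] != "true_positive":
        return []
    actions = [f"isolate:{h}" for h in incident["scope_hosts"]]   # endpoint quarantine
    actions += [f"block_egress:{ip}" for ip in incident["c2"]]     # perimeter block
    return actions


def run_pipeline(events):
    """Run all three steps and return one record per host cluster."""
    incidents = [investigate(c, events) for c in correlate(events)]
    confirmed = [i for i in incidents if i["verdict"] == "true_positive"]
    for inc in incidents:
        # A weak, single-sensor alert that falls inside a confirmed incident's
        # scope is folded into that incident instead of being dismissed.
        if inc["verdict"] == "false_positive":
            parent = next((c for c in confirmed if inc["host"] in c["scope_hosts"]), None)
            if parent:
                inc["verdict"] = f"absorbed_into:{parent['host']}"
        inc["actions"] = respond(inc)
    return incidents


if __name__ == "__main__":
    for inc in run_pipeline(SAMPLE_EVENTS):
        print(inc)
```

Running it yields three records: `ws-101` is confirmed by three sensors, scoped to include `srv-01` and the beacon destination, and gets isolate and egress-block actions; `srv-01` is absorbed into that incident; and the isolated `ws-102` alert is left as a false positive with no automated action. The corroboration threshold and the response verbs are the points a real deployment would tune, and they are the parts of this example that are purely assumed.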

Sourced from Fortinet