
Fortinet’s Longstanding History of AI-driven Security

By David Finger | February 24, 2020

Almost two years ago, we unveiled one of our most mature AI-based backend systems - the Self-Evolving Defense System (SEDS) leveraging artificial intelligence from FortiGuard Labs. Developed as an Artificial Neural Network (ANN) and implemented in our FortiGuard Labs, it replicated the work of our antimalware researchers, but at machine scale. SEDS automatically examines billions of code “features” in order to make a sub-second determination of whether an unknown file is legitimate or malicious.  That determination speeds the delivery of updated threat intelligence from our global research labs to our deployed products in order to protect customers against new malware. At the same time, we also introduced the machine learning of FortiInsight for User and Entity Behavior Analytics that could be deployed by customers within their own networks.

Since then, FortiGuard Labs has built out multiple AI-based systems to ensure our global threat intelligence keeps pace with the accelerating threat landscape. Fortinet also continues to expand such advanced systems for customer deployment against threats not yet seen in our labs.

Expanding Fortinet’s AI-driven Security Offerings

These customer-deployed AI systems now include the newly released FortiEDR, which uses machine learning models to provide next-generation AV and also monitors host system behavior in order to detect and defuse the most sophisticated attacks in real time.

In doing so, Fortinet is moving advanced threat detection earlier in the cyber kill chain. Leading analysts note that detection is usually still heavily weighted toward the end of the cyber kill chain, with most MDR providers starting at the installation or command and control stages. This strategy offers organizations sophisticated detection technologies that can be applied from early stages of cybercriminal activity (reconnaissance) through the latest (act on objectives) and in between (delivery, exploitation and installation).

Figure 1: Machine Learning Applied Across the Cyber Kill Chain

However, detection alone is not enough, which is why part of Fortinet’s approach is to enable organizations of all maturity levels to speed response through automation. As part of this strategy, we announced the availability of FortiSOAR, which complements FortiAnalyzer and FortiSIEM and helps organizations with well-defined response processes orchestrate and/or automate them, speeding response and easing the burden on security teams. We’ve also introduced FortiAI to speed important but repetitive and time-consuming tasks in the security response process to sub-second completion.

Figure 2: Orchestration and Automation for Organizations of All Security Maturity Levels

Fortinet remains committed to utilizing the power of Artificial Intelligence - both in FortiGuard Labs and available for your organizations - to prevent, detect and respond to cyber threats (across the entire cyber kill chain) at machine speed. 

Find out more about what Fortinet’s AI-driven Security Operations can do for your organization.

For more on why Fortinet’s evolving AI is critical, read Derek Manky’s recent article “Using AI to level the Cyber playing field.”