Fortinet Introduces Self-Learning Artificial Intelligence Appliance for Sub-Second Threat Detection

FortiAI Leverages Deep Neural Networks to Automate Threat Detection and Remediation, Expanding Fortinet’s AI-driven Security Offerings

San Francisco, Calif. - RSA - 24.02.2020


John Maddison, EVP of products and CMO at Fortinet

“Fortinet has invested heavily in FortiGuard Labs cloud-based AI-driven threat intelligence, allowing us to detect more threats, more quickly and more accurately. FortiAI takes the artificial intelligence knowledge from FortiGuard Labs and packages it specifically for on-premises deployments. This gives customers the power of FortiGuard Labs directly in their environment, with self-learning AI to identify, classify and investigate sophisticated threats in sub-seconds.”

News Summary

Fortinet® (NASDAQ: FTNT), a global leader in broad, integrated and automated cybersecurity solutions, today announced FortiAI, a first-of-its-kind on-premises appliance that leverages self-learning Deep Neural Networks (DNN) to speed threat remediation and handle time consuming, manual security analyst tasks. FortiAI’s Virtual Security AnalystTM  embeds one of the industry’s most mature cybersecurity artificial intelligence – developed by Fortinet’s FortiGuard Labs – directly into an organization’s network to deliver sub-second detection of advanced threats.

Organizations Face an Uphill Battle

Security architects confront many challenges when it comes to discovering and remediating threats, including:

  • Cybercriminals are becoming more sophisticated. While traditional cyber threats continue, sophistication of advanced attacks – often enabled by artificial intelligence, machine learning and open source communities – are increasing. As a result, organizations and their defenses are challenged to keep pace with threat evolution.
  • The attack surface is expanding. Millions of new applications, growing cloud adoption and the increase in connected devices are creating billions of edges that security teams need to properly protect and manage. Organizations are challenged to keep pace with the threat volume resulting from many potential entry points.
  • Security teams are constrained due to the cyber skills shortage. The cybersecurity industry faces a skills gap that has become a top emerging risk for organizations. There are not enough skilled professionals available to properly triage, investigate and respond to the growing number of threats – potential and actual – making it easier for cybercriminals to outpace legacy security processes and tools.

Self-Learning AI Adapts Organizations’ Threat Protection

To address these challenges faced by security professionals today, Fortinet is unveiling FortiAI Virtual Security AnalystTM to accelerate threat remediation. FortiAI handles many of the time consuming, manual tasks currently expected of security professionals, preserving their time for higher value security functions. FortiAI’s self-learning capabilities continue to get smarter once deployed in an organization’s network.

FortiAI leverages Deep Learning known as Deep Neural Networks, which mimic neurons in the human brain, to make complex decisions based on its scientific analysis of threats specific to the organization where it is deployed. As FortiAI’s artificial intelligence continues to mature, organizations benefit from having FortiAI’s Virtual Security AnalystTM effectively transform and adapt threat protection.

FortiAI Levels the Playing Field

Fortinet’s Deep Neural Networks (DNN) approach enables FortiAI to revolutionize threat protection by:

  • Automating time-consuming manual investigations to identify and classify threats in real time: Organizations using legacy security processes combined with limited security staff find it difficult to perform manual investigations for each threat alert. This creates additional risks including a data breach or security incident due to slow response time. To solve this, FortiAI automates investigations using DNN to identify the entire threat movement and uncover patient zero and all subsequent infections in a sub-second.
  • Transforming security processes for instant detection and remediation of attacks: FortiAI’s Virtual Security AnalystTM significantly reduces the time organizations are exposed to threats by scientifically analyzing characteristics of threats and generating an accurate verdict to accelerate threat response.
  • Delivering tailored threat intelligence to significantly reduce false positives: False positives are a burden for security analysts to investigate and it is time consuming to determine threats versus non-threats. Through tailored threat intelligence, FortiAI learns new malware features as it adapts to new attacks instantaneously and reduces false positives.

On-premises Protection for Air Gapped Networks

Another key distinction of FortiAI is that it offers on-premises AI suitable for organizations that have air gapped networks. Operational technology environments, government agencies and some large enterprises must adhere to strict compliance regulations and/or security policies that limit their network’s connection to the internet. FortiAI with its self-learning AI model does not require internet connectivity to learn and mature, enabling organizations with closed environments or stringent security policies to stay ahead of threats.

Fortinet’s AI-driven Technologies Automate Threat Protection

Fortinet has a longstanding history of helping customers strengthen their security posture by leveraging artificial intelligence. Some of the existing Fortinet offerings and services, complemented by the new FortiAI, that leverage various forms of AI, such as least squares optimization and Bayesian probability metrics, include:

  • FortiGuard Labs Threat Intelligence: FortiGuard Labs uses proven advanced AI and machine learning to gather and analyze over 100 billion security events every day. This threat intelligence produced by FortiGuard Labs is delivered to customers through its subscription services available for a range of Fortinet’s products, including the flagship FortiGate NGFWs. As a result, customers benefit from artificial intelligence deployed in global labs for faster threat prevention.
  • FortiSandbox: Fortinet is the first security vendor to introduce AI to sandboxing to automate breach protection. FortiSandbox includes two machine learning models to its static and dynamic analysis of zero-day threats, improving the detection of constantly evolving malware, such as ransomware and cryptojacking. Through the use of a universal security language to categorize malware, FortiSandbox also connects discussions between network and security teams, leading to more integrated and improved security operations.
  • FortiEDR: Fortinet’s FortiEDR uses machine learning to automate the endpoint protection against advanced threats with real time orchestrated incident response functionalities. Customers also benefit from more control of network, user and host activity within their environments.
  • FortiInsight: FortiInsight uses machine learning analytics to effectively monitor endpoints, data movements and user activities to detect unusual, malicious behavior and policy violations attributed to insider risk.
  • FortiWeb: To better protect web applications and APIs, FortiWeb applies machine learning to tailor a unique defense for each application. As a result, FortiWeb can quickly block threats while minimizing the false positives that may interfere with end user experience.
  • FortiSIEM: FortiSIEM leverages machine learning to recognize patterns in typical user behavior like location, time of day, devices used and specific servers accessed. FortiSIEM can then automatically notify security operations teams when anomalous activities occur, like concurrent logins from separate locations.

As cyber criminals look to exploit the expanding digital attack surface with sophisticated attacks, the breadth and depth of the Fortinet Security Fabric’s AI-driven technology provides customers with unparalleled threat prevention, detection and response that can be instant and automated.

Supporting Quotes

 “Deploying FortiSandbox to protect our organization against zero-day threats was seamless through Fortinet’s Security Fabric platform. FortiSandbox secures our perimeter, client and mail servers, and ultimately is protecting our assets from advanced unknown threats. Leveraging FortiSandbox’s AI-driven capabilities has helped us keep pace with AI-driven threats, all while providing an easy and simplified way to configure and manage our security.” 

- Dario Palermo, System and Network Administrator at Ente Autonomo Volturno

Additional Resources

About Fortinet

Fortinet (NASDAQ: FTNT) secures the largest enterprise, service provider, and government organizations around the world. Fortinet empowers our customers with complete visibility and control across the expanding attack surface and the power to take on ever-increasing performance requirements today and into the future. Only the Fortinet Security Fabric platform can address the most critical security challenges and protect data across the entire digital infrastructure, whether in networked, application, multi-cloud or edge environments. Fortinet ranks #1 in the most security appliances shipped worldwide and more than 440,000 customers trust Fortinet to protect their businesses. Both a technology company and a learning company, the Fortinet Network Security Expert (NSE) Institute has one of the largest and broadest cybersecurity training programs in the industry. Learn more at https://www.fortinet.com, the Fortinet Blog, or FortiGuard Labs.

Copyright © 2020 Fortinet, Inc. All rights reserved. The symbols ® and ™ denote respectively federally registered trademarks and common law trademarks of Fortinet, Inc., its subsidiaries and affiliates. Fortinet's trademarks include, but are not limited to, the following: Fortinet, FortiGate, FortiGuard, FortiCare, FortiManager, FortiAnalyzer, FortiOS, FortiADC, FortiAP, FortiAppMonitor, FortiASIC, FortiAuthenticator, FortiBridge, FortiCache, FortiCamera, FortiCASB, FortiClient, FortiCloud, FortiConnect, FortiController, FortiConverter, FortiDB, FortiDDoS, FortiExplorer, FortiExtender, FortiFone, FortiCarrier, FortiHypervisor, FortiIsolator, FortiMail, FortiMonitor, FortiNAC, FortiPlanner, FortiPortal, FortiPresence , FortiProxy, FortiRecorder, FortiSandbox, FortiSIEM, FortiSwitch, FortiTester, FortiToken, FortiVoice, FortiWAN, FortiWeb, FortiWiFi, FortiWLC, FortiWLCOS and FortiWLM.

Other trademarks belong to their respective owners. Fortinet has not independently verified statements or certifications herein attributed to third parties and Fortinet does not independently endorse such statements. Notwithstanding anything to the contrary herein, nothing herein constitutes a warranty, guarantee, contract, binding specification or other binding commitment by Fortinet or any indication of intent related to a binding commitment, and performance and other specification information herein may be unique to certain environments. This news release may contain forward-looking statements that involve uncertainties and assumptions, such as statements regarding technology releases among others. Changes of circumstances, product release delays, or other risks as stated in our filings with the Securities and Exchange Commission, located at www.sec.gov, may cause results to differ materially from those expressed or implied in this press release. If the uncertainties materialize or the assumptions prove incorrect, results may differ materially from those expressed or implied by such forward-looking statements and assumptions. All statements other than statements of historical fact are statements that could be deemed forward-looking statements. Fortinet assumes no obligation to update any forward-looking statements, and expressly disclaims any obligation to update these forward-looking statements.